Keeping your company GDPR compliant

As an external data protection officer (DPO), we make it easier and simpler for companies to meet all GDPR requirements. We put data protection regulations into practice and take care of documentation, operations and notifications to ensure compliance at all times. In addition, we act as an independent adviser and liaise with the Danish Data Protection Agency.

GDPR requirements regularly updated

GDPR is a living document, with compliance determined by cases ruled on by the Danish Data Protection Agency. That means you have to continuously follow a GDPR schedule demonstrating that your company is up to date in protecting people’s personal data.

Our DPO Service is available to companies that are interested in having an external data protection officer. This keeps costs down as you only pay for fixed expenses, just as you have the benefit of easily scaling up activities according to need, for example, if there is a security breach. Our DPO works closely with your data controller but is also available to provide independent advice.

Sixtus Compliance’s complete DPO Service provides:
  • Management of all registrations with the Danish Data Protection Agency
  • Correct handling of data processing agreements
  • Implementation of all necessary procedures
  • Support for subject access requests
  • Data Protection Impact Assessments
  • Advice on IT procedures in connection with GDPR compliance
  • Emergency support in case of data breaches
  • Annual inspections, including update of all documentation
  • Continual revision of internal data management and documentation
  • Support and advice in case of external auditing
  • Internal training in correct management of personal data
  • Access to Sixtus Privacy Scanner – UNIQUE PRODUCT

Sixtus Privacy Scanner

The Sixtus Privacy Scanner employs reliable software that reveals whether personal data in documents is being stored correctly. Even though companies devise GDRP procedures, human error occurs on a daily basis and files that should be erased might not be deleted properly.

The Sixtus Privacy Scanner can:
  • ascertain compliance with requirements for storage of personal data
  • provide an overview of data stored on every individual person
  • check whether (former) employees have also had personal data removed from their computers that is no longer required
  • analyse the quality of your personal data processes
  • carry out internal ad-hoc controls or continual monitoring

Which companies should have a DPO?

Not all companies need a DPO. According to GDPR, a DPO is needed when the core activity of a company is the processing of personal data, the processing large volumes of personal data and sensitive information, or companies that systematically register people. If you are in doubt, you’re welcome to contact us for independent advice.

Would you like to know more about our DPO Service?

Call Bo Pyskow at +45 3065 4335, send an email to or fill in the contact form below: