What I can do for you

My services in a nutshell

I exclusively offer data protection law advice in my firm. In addition, I offer data protection services, such as appointment as data protection officer, creation of data protection documentation, support with access requests,

training of employees and interim appointment in the area of data protection. I also offer the appointment as an EU representative in accordance with Art. 27 GDPR. You can find details of my services below.

Appointment as external data protection officer

Scope of services according to Art. 37 GDPR and by agreement, e.g :

  • Monitoring of GDPR compliance
  • Training of employees
  • Creation and maintenance of record of processing activities (ROPA)
  • Advice regarding data protection impact assessments
  • Drafting and negotiating of data processing contracts
  • Answering employee as well as customer inquiries
  • Contact person for the data protection supervisory authority

Data Privacy Services

I offer to create different data privacy documentation such as:

  • Record of Processing Activities
  • Supplier overviews
  • Creation of Data Protection Impact Assessments
  • Creation of processes, policies and guidelines
  • Activity report and other reports

Privacy Management Coaching

On an hourly or daily basis, remote or on-site at your company:

  • Coaching, support and consulting of executives and/or the entire data protection/privacy team.
  • Coaching, support and consulting of higher management regarding leadership and conceptual design of the data protection department
  • Interim management of the data protection/privacy department

Trainings & Seminars on Data Protection/Privacy

On-site and/or online:

  • Trainings for employees
  • Management trainings
  • Training of HR departments

Data protection audits

A data privacy audit is a voluntary review of your company’s data privacy/ GDPR compliance. I offer:

  • Data protection audits in companies on a one-time basis
  • Data protection audits in companies on a regular basis
  • Data protection audits of processors that your company wants to assign (international tasks on request)
  • Support for companies that are audited by their customers in regard to data protection law

Data protection analyses for small companies

Data protection requirements are difficult to keep track of, especially for small companies. That is why I support, e.g. yoga studios, start-ups or tax consultants with simple implementation

options and a standard data protection analysis. This way, the necessary data protection measures can be easily implemented with manageable effort.

European Representative acc. to Art. 27 GDPR

Representative of controllers and processors that are located outside EU,

but process personal data in Germany.


You want my expertise? Please contact me under + 49 173 327 55 75.

Privacy Management

Who I am and what I do

I have been working in the legal field of data protection since 2010. During these 14 years, I have held a wide variety of positions in different companies: legal advisor, external data protection officer, internal data protection manager, privacy manager, data protection auditor, and coach in data protection departments. I have always found that there are considerable differences in the level of interest and general acceptance of the topic of „data protection“ itself. Despite this, or precisely because of it, I passionately support companies with my skills and experience. Because data protection is of central importance for every company and for all of us — and is becoming even more important every day.

In 2023, I started my own lawfirm, fritzlaw, as a sole attorney and  „fritzberatung“, where I offer data protection services esp. as external Data Protection officer. In addition, I give seminars for different providers and am a lecturer at the Augsburg University of Applied Sciences (Faculty of Computer Science, Lecture: Law).

My working languages are German and English.

From March 2021 to June 2022, I worked in a large international law firm ( in the data protection department and for the Privacy Officer.

Between November 2016 and February 2021, I worked as Privacy Manager in a US medical device company ( and oversaw the implementation of the privacy management system for the Europe, Middle East & Africa (EMEA) region. In addition, I was posted to the US parent company for a few months and was thus able to further expand my international experience as well as my network internationally.

Previously, I worked for 6 years a in a medium-sized law firm in Augsburg.

In my professional activity of the last 14 years, I have gained experience in the following areas, among others:

  • Advising international companies on data protection laws (GDPR)
  • Advice regarding international data transfers, including data transfer impact assessments,
  • Creation of Intercompany agreements in the area of data protection
  • Education and training of employees, executives and top management in the area of data protection laws
  • Creation of data protection impact assessments
  • Creation and maintenance of record of processing activities (RoPA)
  • Drafting and negotiating order processing contracts, as well as conducting subsequent audits
  • Establishment and design of international data protection organizations
  • Preparation of consent forms vis-à-vis employees as well as customers, e.g. for newsletters, telephone advertising, publication of photographs, etc.
  • Review of software products in the health data area from a data protection perspective
  • Audits of processors in the USA, UK and Germany
  • Conducting and documenting internal audits
  • Cooperation with data protection supervisory authorities in Europe
  • Support of clients in the software area, e.g. SaaS
  • Advice for yoga studios
  • Advice for e-mobility providers
  • Advice for tax offices
  • Advice for medical practices


You want my expertise? Please contact me under + 49 173 327 55 75 or

Privacy land

Where you can find me

I am active in all areas where data protection law advice is needed. I currently serve both large companies (e.g. in the data protection department, human resources department or as an external data protection officer), but also small and medium-sized companies. In doing so, I support companies in understanding data protection law requirements and implementing them in a legally compliant manner. I work on an hourly or daily rate basis, digitally or on-site at your company.

I work for

  • Privacy managers
  • Data protection officers
  • Data protection departments
  • Product developers
  • Managing directors
  • Top Management
  • IT managers
  • Software developers
  • HR responsible
  • Personnel departments


You want my expertise? Please contact me under + 49 173 327 55 75 or

Data Leak

What I want to achieve

I want to teach as much as possible about data protection to as many people as possible. I think that we can only implement data protection as a fundamental right of every individual if we first comprehensively educate everyone, both the people affected and the companies.

The term „data protection“ in itself is misleading. Because ultimately it is „human protection“ in the sense of protecting humans from surveillance and the misuse of personal data.

In the context of a fully digitized society, the protection of this fundamental right quickly becomes unmanageable.

As soon as „human protection“ comes to the fore, data protection also becomes interesting for us personally. From this perspective, perhaps one or two people can still be inspired by this topic. If you are still not passionate about data protection then you have come to the right place.

I have enough passion for all of us!


You want my expertise? Please contact me under + 49 173 327 55 75 or

Data Leak

I am looking forward to meeting you!