All downloads are of an informative nature. We do not accept any liability for them.
Checklists & guidelines
On the implementation of data protection law by companies you will find instructions here. You can download checklists and a guide as a PDF here:
Data protection impact assessment
A template for data protection impact assessments (including a threshold analysis).
The DSFA is Structured according to processing principles – This makes it easier to fill out, but above all it corresponds to the purpose of the FADP: In the case of private companies, it is the processing principles that protect the data subjects, which is why risks must be measured against these principles.
With regard to the risks, a distinction must be made between the highest risks that can generally be expected (= Gross risks(taking into account measures that are not planned anyway, i.e. measures that are firmly planned) and the Net risksi.e. the possibly lower risks that the controller is willing to accept after further measures. This examination and the conclusion from gross to net risk is the actual core of the DPIA, which is why our template distinguishes between these two risk levels:
A Chatbot for a DSFA is at our prompts available. The VUD has also published a template for a DPIA:
Processing directory and regulations
Processing directory – simple template for a responsible person and order processor (Excel, in German)
Form for processing regulations (by Sarah Bischof, Maria Winkler, David Rosenthal and David Vasella)
Dealing with requests for information
Building blocks for a response to requests for information under the DPA (as at 21.11.2024)
Privacy statements
These templates originate from DSATa set of forms that allows a structured self-assessment of a company’s data protection compliance. DSAT was developed by David Rosenthal and is technically supervised by him and David Vasella.