DATA PRIVACY & CYBERSECURITY
Extensive practical project experience, reliable expert knowledge and technical skills – a strong combination for consulting in an international context.
Our team
At Ad Fontes, Ms Grit Karg is responsible for all matters relating to data privacy, IT, SaaS contracts, artificial intelligence (AI) and digital commerce. After 5 years in various management positions in the legal department of the e-Health company Doctolib, Grit Karg took over the management and development of the data privacy team at Ad Fontes. Ms Karg’s role as DPO of the Doctolib group from 2022 to 2024 has left a strong impression on her and has focused her advice on the specific needs of companies.
Data protection in everyday practice
Ms Karg’s team is called upon by clients in a wide variety of situations. The range of services offered by clients often grows rapidly, and issues of data privacy are among the key parameters with which in-house teams need to align. Agile legal advice and a pragmatic approach to business challenges are essential for our clients.
Typical areas of practice
Ms Karg advises companies on all aspects of data privacy. Here are some examples of assignments that companies often outsource to her legal expertise:
• Compliance of data processing linked to platforms;
• Structuring and strategy for updating the company’s data protection documentation (DPIA, ROPA, TIA, LIA, etc.);
• Support for data protection management strategy, including certifications (ISO catalogue, TÜV, etc.);
• DPA and SaaS contract negotiations and handling of customer objections;
• Crisis anticipation and management;
• Notifications, data protection authority controls, requests from data subjects;
• Implementation of European digital legislation (DSA, DORA, NIS2, eIDAS, etc.).
Privacy and cybersecurity from a single source
Data protection and information security are often closely linked. That’s why Ad Fontes is working with cybersecurity expert Sven Zehl. The collaboration with Mr Zehl grew out of Ms Karg’s and Mr Zehl’s joint work at Doctolib on a number of projects and topics, and has been consolidated as a result of our customers’ growing needs.
From 2020 to 2023, Mr Zehl worked in particular as Group Security Compliance Officer & Head of Security Compliance at Doctolib. Before that, Mr Zehl was a system architect in the security governance department of Robert Bosch GmbH and responsible for IoT and artificial intelligence at the digital industry association Bitkom. Mr. Zehl is a qualified CyberRisk Check auditor (German BSI) and ISO27001 lead auditor (CIS LA).
Thanks to the collaboration between privacy protection and cybersecurity, Ad Fontes is able to provide customers with fast, targeted support with a 360° approach, both at the preparatory and reactive stages. Our projects include for example incident/crisis management, certifications (ISO, C5, German TÜV, etc.), setting up internal governance and drawing up a security roadmap.