Known fine case
Deutsche Wohnen SE
2019 · BlnBDI
14.5 million EUR
Retention of personal data of former tenants without necessity, a breach of the storage limitation principle (Art. 5(1)(e) GDPR).
Press releaseAll locations
Berlin
External Data Protection Officer in Berlin
Placed through the Kopexa partner network: certified DPOs for the Berlin startup and tech scene, complemented by the Kopexa GRC platform.
- BlnBDI
- Supervisory authority
- 5
- Industry clusters
- < 1 d
- Match response
Location profile
AvailableBerlin
Berlin
Authority
BlnBDI
State law
Berliner Datenschutzgesetz (BlnDSG)
Industries
Startups & SaaSE-commerceFintech
Known case
Deutsche Wohnen SE14.5 million EUR
Supervisory authority
BlnBDI
Berliner Beauftragte für Datenschutz und Informationsfreiheit
www.datenschutz-berlin.deResponsible for all private-sector controllers headquartered in Berlin. For cross-state groups, the main-establishment principle under Art. 56 GDPR applies.
Berliner Datenschutzgesetz (BlnDSG)
The BlnDSG governs data protection for Berlin authorities and public sector bodies. Private companies are subject to the GDPR and the BDSG; the BlnBDI is the supervisory authority.
Industry clusters on the ground
What shapes Berlin, and what that means for DPO mandates.
Startups & SaaSE-commerceFintechMedia & AdvertisingPublic Sector
Berlin is Europe's startup capital with more than 4,500 tech companies. For startups from pre-seed to Series B, GDPR compliance is an investor hygiene factor: without a record of processing activities and a data protection concept, there is no term sheet. Berlin e-commerce players like Zalando and HelloFresh set the bar for cookie compliance, international data transfers and recommendation engines. Fintechs such as Trade Republic and N26 must combine the GDPR with BaFin, MaRisk and KWG requirements. The BlnBDI is considered one of Germany's most assertive supervisory authorities, and the Deutsche Wohnen case with its 14.5 million EUR fine set a benchmark in 2019.
How the matching works
DPO for Berlin, placed within 3 business days.
We match industry, size and language against our partner network. You get two profiles to choose from, no catalog, no sales discovery.
- 1
Request (2 min)
Describe your setup: industry, headcount, any frameworks (TISAX, ISO 27001, BAFIN). Optional: preferred language.
- 2
Match from the regional network (≤ 24h)
We check suitable DPOs for Berlin and the surrounding area. Industry fit + capacity + response time. You get two profiles, you decide.
- 3
Mandate starts (3–7 days)
Appointment in writing, notification to the relevant supervisory authority, onboarding directly in the Kopexa platform.
Frequently asked questions. DPO in Berlin
Request an external Data Protection Officer (DPO) in Berlin
We match you with a certified DPO from the Kopexa partner network, with industry expertise for Berlin and the surrounding region. Response within one business day.
A partner network, not a lone consultant
Access to certified DPOs with a range of industry specializations.
Complete GRC suite in the Pro plan
Kopexa Pro (599 EUR/month): unlimited frameworks, OSCAL support, vendor and asset management, cross-framework mapping, audit & assessments. Not just DPO tooling.
Transparent flat-rate pricing
DPO flat rate and platform license shown separately. No hidden tool costs.
More in the hub
External Data Protection Officer (DPO)
Overview: what an external DPO does, when one is mandatory and how the Kopexa partner network places them.
Cost & packages
Pricing models for external DPOs compared: hourly fee, monthly flat rate, packages by company size.
Check your obligation
Does your company need a DPO? Interactive checker based on Section 38 BDSG and Art. 37 GDPR.
Locations
External DPOs by region: Berlin, Munich, Stuttgart, Cologne, Bremen and more.