Steffen Lotze - Data Protection Officer and...

Q: Where is Steffen based?

Steffen is based in Grafrath, Germany and can operate in on-site , hybrid , and remote work models.

Q: What languages does Steffen speak?

Steffen speaks the following languages: German (Native) .

Q: How many years of experience does Steffen have?

Steffen has at least 32 years of experience. During this time, Steffen has worked in at least 13 different roles and for 12 different companies . The average length of individual experience is 2 years and 5 months . Note that Steffen may not have shared all experience and actually has more experience.

Q: What is Steffen's latest experience?

Steffen's most recent position is Data Protection Officer and Information Security Consultant at Mobility inside Plattform GmbH .

Q: What companies has Steffen worked for in recent years?

In recent years, Steffen has worked for Mobility inside Plattform GmbH , glacier-ac GmbH , secunet Security Networks AG , and Self-employed .

Q: Which industries is Steffen most experienced in?

Steffen is most experienced in industries like Information Technology , Construction , and Retail . Steffen also has some experience in Professional Services , Advertising , and Government and Administration .

Q: Which business areas is Steffen most experienced in?

Steffen is most experienced in business areas like Information Technology , Project Management , and Accounting . Steffen also has some experience in Customer Service , Sales , and Legal .

Q: Which industries has Steffen worked in recently?

Steffen has recently worked in industries like Professional Services , Information Technology , and Government and Administration .

Q: Which business areas has Steffen worked in recently?

Steffen has recently worked in business areas like Legal , Information Technology , and Quality Assurance .

Recommended expert

Grafrath, Germany

Experience

Feb 2023 - Mar 2024

1 year 2 months

Frankfurt am Main, Germany

Data Protection Officer and Information Security Consultant

Mobility inside Plattform GmbH

Creation of concepts and guidelines for the departments in HR, product management, development, and IT administration as well as all company-wide policies
Advising on the setup and maintenance of the record of processing activities (RoPA)
Reviewing and expanding contractual agreements according to Art. 28 GDPR
Reviewing and enhancing documents under Art. 44 et seq. GDPR
Conducting individual and group trainings (~10 people) up to executive level (C-level)
Data protection contact for public transport associations throughout Germany
Preparation for certification readiness according to BSI IT Baseline Protection

Achievements:

Established the database-driven generation of customer-specific privacy statements
Reassured all transport companies through structured communication, argumentation, and delivery of quality

Jul 2022 - Oct 2022

4 months

Unterschleißheim, Germany

Senior Consultant for Information Security and Data Protection

glacier-ac GmbH

Set up management systems to meet the requirements of TISAX, ISO 27001, and GDPR for OEM clients and suppliers at Tier 1 and Tier 2 levels

Sep 2019 - Jun 2022

2 years 10 months

Munich, Germany

Data Privacy Expert – BayLfSt Staff Unit

secunet Security Networks AG

Preparation and execution of data protection audits in the ELSTER information network, including data protection impact assessments (DPIAs)
Conducted ISO 27001 and BSI IT Baseline Protection audits in the public sector
Information security training
Drafted and revised the logging policy, cryptography concept, backup concept, training concept, home-office policy, document control policy, and data & asset classification policy
Introduced new IT clusters into the ISMS scope

Achievements:

Significant increase in data protection quality and documentation in the ELSTER and authega information clusters for the Bavarian State Tax Office (BayLfSt)
ELSTER was fully audited for data protection in 2022

Nov 2018 - Jun 2024

5 years 8 months

Germany

Data Protection Officer

Self-employed

Supported clients as an external Data Protection Officer
Advised on information security projects and data protection policies
Conducted risk factor analysis and identified protective measures

Clients:

MAGNA sweets GmbH
moving GmbH
NAVUM GmbH
Projektil GbR

May 2017 - Jun 2018

1 year 2 months

Magdeburg, Germany

Software Consultant for ERP Systems

SelectLine Software GmbH

Coordinated requirements from the specification document with the capabilities of the ERP software (SCOR processes, warehouse logistics, CRM, accounting)
Presented the ERP software on-site using customer-specific process examples to executives, departments, and key users
Documented in BPMN

Dec 2016 - Mar 2017

4 months

Germering, Germany

ERP Consultant for ERP Systems

Step Ahead AG

Planning and implementation of ERP projects
Customizing the GUI and adapting it to customer processes

Jun 2016 - Nov 2016

6 months

Starnberg, Germany

Inside Sales Executive / Technical Presales

estos GmbH

Technical support for partners and existing customers
Product presentations and customer consulting

Mar 2014 - May 2016

2 years 3 months

Munich, Germany

Technical Employee in the IT Department

Bavaria Direktmarketing GmbH

Import and export of data, data validation, enrichment, preparation and analysis in Excel
Trainer for apprentices

Mar 2013 - Feb 2014

1 year

Germany

SEO Agency

Self-employed

Market analysis for the viability of an SEO agency
Creation of various websites and implementation of SEO measures

Apr 2010 - Feb 2013

2 years 11 months

Munich, Germany

Project Manager and CRM Consultant

CuT Alexander v. Sivers

Project responsibility for the company-wide roll-out of CRM software to customers of the IT systems house
Customizing the software interface and aligning it with customer processes
1st- and 2nd-level support for CRM software
Introduction of a commercial document structure and monitoring of document flow
Implementation of measures to reduce OPOS volume

May 2000 - Mar 2010

9 years 11 months

Germany

Owner and Managing Director

Medienhaustechnik Lotze

Acquisition, planning and execution of high-end media technology projects for private clients during the construction phase in the DACH region
Programming and designing GUIs to control entertainment electronics in heterogeneous environments and integrating them into building management systems
Regular analysis of BWA, SuSa and open items lists

Feb 1998 - Apr 2000

2 years 3 months

Munich, Germany

Member of the examination board for sales staff and managing directors

Hifi-Forum München GmbH

Ensuring a steady flow of orders for the company
Shaping business policies within the framework of the franchise agreement

Mar 1992 - Jan 1998

5 years 11 months

Retail and Inside Sales Representative

ELO-Touch Systems GmbH; AVNET Alfapower GmbH; Radio Arndt Inh. Harald Behr

Industry Experience

See where this freelancer has spent most of their professional time.

Experienced in Information Technology, Construction, Retail, Professional Services, Government and Administration, and Advertising.

Information Technology

Construction

Retail

Professional Services

Government and Administration

Advertising

Business Area Experience

See which departments and functions this freelancer has contributed to most.

Experienced in Information Technology, Project Management, Accounting, Customer Service, Sales, and Legal.

Information Technology

Project Management

Accounting

Customer Service

Sales

Legal

Summary

As an experienced data protection expert, I have been implementing information security and data protection projects since 2018 to ensure the security of sensitive data.

My primary goal is to strengthen the company's compliance and ensure that it meets the requirements of NIS-2 and the GDPR.

As a consultant in your company, I communicate on an equal level with employees and executives and work with you to shape processes and their implementation.

For me, it's about demonstrating compliance with the requirements of data protection, information security, the Trade Secrets Act, and the AI Act. Identifying risk factors in your company is crucial for implementation.

Skills

Complex Products
High-quality Products
Close To The Customer
Legal Certainty And Innovation

Languages

German

Native

Education

Sep 1988 - Feb 1992

Bebo-Wager-Berufsschule Augsburg

Secondary school certificate · Radio and Television Technician · Augsburg, Germany · 2.5

Certifications & licenses

Lead Auditor ISO 27001

Lead Auditor ISO 27701

BSI IT Baseline Protection Practitioner

IT Security Manager

Quality Officer

Trainer qualification exam

IHK

ISB

DSB

Statistics

Experience

Total positions 13

Experience in Information Technology 24.5 y

Avg length 2 y 8 m

Longest experience 9 y 10 m

Global Experience

Countries worked in 1 (Germany)

Primary country Germany

Expertise

Recent roles Data Protection Officer and Information Security Consultant, Senior Consultant for Information Security and Data Protection, Data Privacy Expert – BayLfSt Staff Unit

Main industries Information Technology, Construction, Retail

Main business areas Information Technology, Project Management, Accounting

Qualifications

Certifications earned 8

Profile

Created

August 2024

Last Update

March 2026

Need a freelancer? Find your match in seconds.

Try FRATCH GPT

Frequently asked questions

Do you have questions? Here you can find further information.

Where is Steffen based?

Steffen is based in Grafrath, Germany and can operate in on-site, hybrid, and remote work models.

What languages does Steffen speak?

Steffen speaks the following languages: German (Native).

How many years of experience does Steffen have?

Steffen has at least 32 years of experience. During this time, Steffen has worked in at least 13 different roles and for 12 different companies. The average length of individual experience is 2 years and 5 months. Note that Steffen may not have shared all experience and actually has more experience.

What roles would Steffen be best suited for?

Based on recent experience, Steffen would be well-suited for roles such as: Data Protection Officer and Information Security Consultant, Senior Consultant for Information Security and Data Protection, Data Privacy Expert – BayLfSt Staff Unit.

What is Steffen's latest experience?

Steffen's most recent position is Data Protection Officer and Information Security Consultant at Mobility inside Plattform GmbH.

What companies has Steffen worked for in recent years?

In recent years, Steffen has worked for Mobility inside Plattform GmbH, glacier-ac GmbH, secunet Security Networks AG, and Self-employed.

Which industries is Steffen most experienced in?

Steffen is most experienced in industries like Information Technology, Construction, and Retail. Steffen also has some experience in Professional Services, Advertising, and Government and Administration.

Which business areas is Steffen most experienced in?

Steffen is most experienced in business areas like Information Technology, Project Management, and Accounting. Steffen also has some experience in Customer Service, Sales, and Legal.

Which industries has Steffen worked in recently?

Steffen has recently worked in industries like Professional Services, Information Technology, and Government and Administration.

Which business areas has Steffen worked in recently?

Steffen has recently worked in business areas like Legal, Information Technology, and Quality Assurance.

What is Steffen's education?

Steffen attended Bebo-Wager-Berufsschule Augsburg for Radio and Television Technician.

Does Steffen have any certificates?

Steffen has 8 certificates. Among them, these include: Lead Auditor ISO 27001, Lead Auditor ISO 27701, and BSI IT Baseline Protection Practitioner.

What is the availability of Steffen?

Steffen will be available full-time from April 2026.

What is the rate of Steffen?

Steffen's rate depends on the specific project requirements. Please use the Meet button on the profile to schedule a meeting and discuss the details.