Steffen Lotze - Data Protection Officer and Information Security Consultant

Q: Where is Steffen based?

Steffen is based in Grafrath, Germany and can operate in on-site , hybrid , and remote work models.

Q: What languages does Steffen speak?

Steffen speaks the following languages: German (Native) .

Q: How many years of experience does Steffen have?

Steffen has at least 34 years of experience. During this time, Steffen has worked in at least 14 different roles and for 13 different companies . The average length of individual experience is 2 years and 5 months . Note that Steffen may not have shared all experience and actually has more experience.

Q: What is Steffen's latest experience?

Steffen's most recent position is Consultant for BSI IT Baseline Protection and ISO 27701 at German Society for International Cooperation .

Q: What companies has Steffen worked for in recent years?

In recent years, Steffen has worked for German Society for International Cooperation , Mobility inside Platform GmbH , glacier-ac GmbH , secunet Security Networks AG , and Self-employed .

Q: Which industries is Steffen most experienced in?

Steffen is most experienced in industries like Information Technology , Construction , and Retail . Steffen also has some experience in Professional Services , Advertising , and Government and Administration .

Q: Which business areas is Steffen most experienced in?

Steffen is most experienced in business areas like Information Technology , Project Management , and Accounting . Steffen also has some experience in Customer Service , Sales , and Legal .

Q: Which industries has Steffen worked in recently?

Steffen has recently worked in industries like Professional Services , Information Technology , and Government and Administration .

Q: Which business areas has Steffen worked in recently?

Steffen has recently worked in business areas like Legal , Information Technology , and Quality Assurance .

Recommended expert

Grafrath, Germany

Check rate

Experience

Jun 2024 - Mar 2025

10 months

Hybrid

Consultant for BSI IT Baseline Protection and ISO 27701

German Society for International Cooperation

Support in setting up and further developing the information security management system
Collaboration with external consultants in the certification team for the support structure
Participation in project planning, identifying and implementing necessary measures according to BSI IT Baseline Protection
Professional support for in-house subject matter experts in preparing documents required for certifications
Execution of tasks according to BSI 200-2

Feb 2023 - Mar 2024

1 year 2 months

Frankfurt am Main, Germany

Data Protection Officer and Information Security Consultant

Mobility inside Platform GmbH

Development of concepts and guidelines for the departments in HR, product management, development, and IT administration as well as all company-wide guidelines
Consulting on setting up and managing the record of processing activities (RPA)
Reviewing and enhancing contracts under Article 28 GDPR
Reviewing and enhancing documents under Articles 44 et seq. GDPR
Conducting individual and group trainings (~10 people) up to the executive level (C-level)
Data protection contact person for public transport associations across Germany
Preparation for BSI IT Baseline Protection certification readiness

Achievements:

Development of a database-supported generation of customer-specific privacy statements
Smoothing relations with all transport companies through structured communication, argumentation, and delivery of quality

Jul 2022 - Oct 2022

4 months

Unterschleißheim, Germany

Senior Consultant for Information Security and Data Protection

glacier-ac GmbH

Setting up management systems to meet the requirements of TISAX, ISO 27001, and GDPR for OEM customers and suppliers at TISAX assessment levels 1 and 2

Sep 2019 - Jun 2022

2 years 10 months

Munich, Germany

Data Privacy Expert – BayLfSt Staff Unit

secunet Security Networks AG

Preparation and execution of data protection audits in the ELSTER information network, including data protection impact assessments (DPIAs)
Conducting ISO 27001/BSI IT Baseline Protection audits in an official environment
Information security trainings
Creation and revision of the logging policy, cryptography concept, backup concept, training concept, home office policy, document control policy, and data and asset classification policy
Introduction of new IT clusters into the ISMS scope

Achievements:

Significant improvement of data protection quality and documentation in the ELSTER and authega information clusters for the Bavarian State Office for Taxes (BayLfSt)
ELSTER was fully audited for data protection in 2022

Nov 2018 - May 2026

7 years 7 months

Germany

Data Protection Officer

Self-employed

Managing clients as an external data protection officer
Advising on information security projects and data protection policies
Risk factor analysis and identification of protective measures

Clients:

MAGNA sweets GmbH
moving GmbH
NAVUM GmbH
Projektil GbR

May 2017 - Jun 2018

1 year 2 months

Magdeburg, Germany

Software Consultant for ERP Systems

SelectLine Software GmbH

Aligning requirements in the requirements document with the ERP software's features (SCOR processes, warehouse logistics, CRM, accounting)
Presenting the ERP software on-site using customer-specific process examples to management, departments, and key users
Documentation in BPMN

Dec 2016 - Mar 2017

4 months

Germering, Germany

ERP Consultant for ERP Systems

Step Ahead AG

Planning and launching ERP projects
Customizing the GUI and adapting it to customer processes

Jun 2016 - Nov 2016

6 months

Starnberg, Germany

Inside Sales Executive / Technical Presales

estos GmbH

Technical support for partners and existing customers
Product presentations and customer consulting

Mar 2014 - May 2016

2 years 3 months

Munich, Germany

Technical employee in the IT department

Bavaria Direktmarketing GmbH

Import and export of data, data validation, enrichment, preparation and analysis in Excel
Training apprentices

Mar 2013 - Feb 2014

1 year

Germany

SEO Agency

Self-employed

Market analysis to check the viability of an SEO agency
Creating various websites and implementing SEO measures

Apr 2010 - Feb 2013

2 years 11 months

Munich, Germany

Project Manager and CRM Consultant

CuT Alexander v. Sivers

Responsibility for the company-wide roll-out of the CRM software at customers of the IT system house
Customizing the software interface and aligning it with customer processes
1st and 2nd level support for CRM software
Introduction of a commercial document structure and monitoring document flow
Implementation of measures to reduce the open items volume

May 2000 - Mar 2010

9 years 11 months

Germany

Owner and Managing Director

Medienhaustechnik Lotze

Acquisition, planning and execution of high-end media technology projects for private clients during the construction phase in the DACH region
Programming and design of GUIs to control entertainment electronics in heterogeneous environments and integration into building management systems
Regular analysis of the business management report, trial balance, and open item lists

Feb 1998 - Apr 2000

2 years 3 months

Munich, Germany

Member of the Sales Staff Certification Committee and Managing Director

Hifi-Forum München GmbH

Ensuring the company's order situation
Shaping business policy within the framework of the franchise agreement

Mar 1992 - Jan 1998

5 years 11 months

Retail Salesperson and Internal Sales Representative

ELO-Touch Systems GmbH; AVNET Alfapower GmbH; Radio Arndt Inh. Harald Behr

Industry Experience

See where this freelancer has spent most of their professional time.

Experienced in Information Technology, Construction, Professional Services, Retail, Government and Administration, and Advertising.

Information Technology

Construction

Professional Services

Retail

Government and Administration

Advertising

Business Area Experience

See which departments and functions this freelancer has contributed to most.

Experienced in Information Technology, Project Management, Accounting, Customer Service, Sales, and Legal.

Information Technology

Project Management

Accounting

Customer Service

Sales

Legal

Summary

As an experienced data protection expert, I have been implementing information security and data protection projects since 2018 to ensure the security of sensitive data.

My primary goal is to strengthen the company's compliance and ensure that the company meets the requirements of NIS-2 and the GDPR.

As a consulting personality in your company, I communicate on equal terms with employees and executives and shape the processes and their implementation with you.

For me, it's about demonstrating compliance with the requirements of data protection, information security, trade secret law, and the AI Act. The key to implementation is identifying the risk factors in your company.

Skills

Complex Products
High-Quality Products
Close To The Customer
Legal Certainty And Innovation

Languages

German

Native

Education

Sep 1988 - Feb 1992

Bebo-Wager Vocational School Augsburg

Intermediate School Certificate · Radio and Television Technician · Augsburg, Germany · 2.5

Certifications & licenses

Data Protection Auditor

GDD · Bonn, Germany

Lead Auditor ISO 27001

TÜV Süd · Munich, Germany

Lead Auditor ISO 27701

QSkills · Nuremberg, Germany

BSI IT Baseline Protection Practitioner

qSkills GmbH & Co. KG · Essen, Germany

IT Security Manager

TÜV Rheinland · Munich, Germany

Quality Officer

Trainer Certification Examination

IHK for Munich and Upper Bavaria · Munich, Germany

ISB

TÜV Rheinland · Munich, Germany

DSB

Statistics

Experience

Total positions 14

Experience in Information Technology 25 y

Avg length 2 y 8 m

Longest experience 9 y 10 m

Global Experience

Countries worked in 1 (Germany)

Primary country Germany

Expertise

Recent roles Consultant for BSI IT Baseline Protection and ISO 27701, Data Protection Officer and Information Security Consultant, Senior Consultant for Information Security and Data Protection

Main industries Information Technology, Construction, Professional Services

Main business areas Information Technology, Project Management, Accounting

Qualifications

Certifications earned 9

Profile

Created

August 2024

Last Update

May 2026

Need a freelancer? Find your match in seconds.

Try FRATCH GPT

Frequently asked questions

Have questions? Find more information here.

Where is Steffen based?

Steffen is based in Grafrath, Germany and can operate in on-site, hybrid, and remote work models.

What languages does Steffen speak?

Steffen speaks the following languages: German (Native).

How many years of experience does Steffen have?

Steffen has at least 34 years of experience. During this time, Steffen has worked in at least 14 different roles and for 13 different companies. The average length of individual experience is 2 years and 5 months. Note that Steffen may not have shared all experience and actually has more experience.

What roles would Steffen be best suited for?

Based on recent experience, Steffen would be well-suited for roles such as: Consultant for BSI IT Baseline Protection and ISO 27701, Data Protection Officer and Information Security Consultant, Senior Consultant for Information Security and Data Protection.

What is Steffen's latest experience?

Steffen's most recent position is Consultant for BSI IT Baseline Protection and ISO 27701 at German Society for International Cooperation.

What companies has Steffen worked for in recent years?

In recent years, Steffen has worked for German Society for International Cooperation, Mobility inside Platform GmbH, glacier-ac GmbH, secunet Security Networks AG, and Self-employed.

Which industries is Steffen most experienced in?

Steffen is most experienced in industries like Information Technology, Construction, and Retail. Steffen also has some experience in Professional Services, Advertising, and Government and Administration.

Which business areas is Steffen most experienced in?

Steffen is most experienced in business areas like Information Technology, Project Management, and Accounting. Steffen also has some experience in Customer Service, Sales, and Legal.

Which industries has Steffen worked in recently?

Steffen has recently worked in industries like Professional Services, Information Technology, and Government and Administration.

Which business areas has Steffen worked in recently?

Steffen has recently worked in business areas like Legal, Information Technology, and Quality Assurance.

What is Steffen's education?

Steffen attended Bebo-Wager Vocational School Augsburg for Radio and Television Technician.

Does Steffen have any certificates?

Steffen has 9 certificates. Among them, these include: Data Protection Auditor, Lead Auditor ISO 27001, and Lead Auditor ISO 27701.

What is the availability of Steffen?

Steffen will be available full-time from July 2026.

What is the rate of Steffen?

Steffen's rate depends on the specific project requirements. Please use the Meet button on the profile to schedule a meeting and discuss the details.