Data privacy compliance made simple.

Our mission.


Our mission is to provide businesses and organizations with industry-leading data regulation compliance expertise at a competitive price.

We are dedicated to helping businesses become and stay compliant with GDPR, CCPA, PIPEDA, and other global data privacy regulations. We have a deep understanding of data privacy regulation, and our team of certified professionals provides your organization with solutions that are tailored to your specific needs.

Collegium Auditores is known in Europe as a reliable and efficient company with a great price-performance ratio. After working with North American companies for years, we have decided to incorporate in the USA and Canada to provide our business model in North America.

Our story.

 

Collegium Auditores GmbH was founded in Germany in 2018 by Andreas H. Schmidt LL.M.

Andreas began his professional career serving the German military for 12 years. After leaving the military, Andreas pursued a law degree and developed an interest in data security. He began his data privacy career as an IT Auditor and Data Protection Officer (DPO) at a state bank where he worked for 10 years.

After leaving the state bank, Andreas became a chartered auditor and worked as a senior manager where he provided IT audits and data protection audits.

Since 2004, Andreas has been working for the international association of IT auditors and IT governance experts (ISACA) as a specialist group leader. In 2018, he was elected vice president of the ISACA Germany Chapter. During this time, he professionalized the chapter management and provided important connections in industry and politics. Today, the chapter of the has over 3500 members.

Andreas also devotes time to educating as a highly sought-after private lecturer for international universities, such as the Cologne Business School and the European University of Applied Sciences.  

Andreas holds the relevant certificates:

  • Certified Information Systems Auditor (CISA)

  • IT Compliance Auditor (ISO/IEC 27001)

  • Data Privacy Expert (Certified Data Privacy Solutions Engineer - CDPSE)

  • CIPP/E Certified

Company history.

 

Collegium Auditores was founded in Germany in 2018. Since then, the company has received ever-increasing levels of interest from North American companies that have business operations in Europe and have to become compliant with the European General Data Protection Regulation.

Companies from the United States and Canada doing business in Europe faced increasing data privacy demands with the European General Data Protection Regulation, creating significant risks for their business in Europe.

In addition, there was a great demand from British companies trying to successfully maintain their business in Europe after the Brexit, and therefore choosing the route via Canada.

All of this led to the founding of two satellite offices in 2021. One office in Toronto, ON to serve our Canadian clients, and one in Phoenix, AZ to serve our American clients.

These satellite offices were an initiative put forth by Collegium Auditores to better meet the needs of our North American clients by working in similar time zones and billing in US and Canadian dollars.

The primary contact for North America is Sven Steindorff, a corporate partner and co-owner based out of Toronto and Phoenix. Sven has worked for Collegium Auditores in various functions since 2018. 

  • Andreas H. Schmidt

    PRESIDENT

    Andreas has more than 20 years of expertise in the field of information technology and data privacy. He has worked as an auditor, consultant, and data protection officer for a long list of prominent public and private organizations in a variety of industries.

    Andreas is a certified information systems auditor (CISA), certified data privacy solutions engineer (CDPSE), IT Compliance Auditor (ISO/IEC 27001), CIPP/E Certified, ex-Vice President of ISACA Germany, and a member of the International Association of Privacy Professionals (IAPP).

  • Sven Steindorff

    VICE PRESIDENT

    After a 30-year career in the Property & Casualty Insurance Industry in North America, Sven brings valuable audit, compliance, and operational experience to Collegium Auditores. Sven is bilingual in German and English and as a part-time resident in the USA he serves as Vice President for North America. Sven is eager to assist with liaisons across the Atlantic to service North American clients with EU Data Privacy needs. With incorporation in Canada, he became a partner in the business in 2021.

  • Jörg Spöcker

    GDPR PROJECT CONSULTANT

    Jörg Spöcker finished his law school in Giessen, Germany, and started working for Collegium Auditores GmbH in March 2021. He is a GDPR Project Consultant. He is a certified Kritis Auditor gem § 8a BSIG.

    Jörg is fluent in English and has been a valuable resource for our US clients. You can reach out with any questions to spoecker@collegium-auditores.de

You’re In the Right Place If…

 

You're in the right place if you need help becoming and staying compliant with global data privacy regulations including the GDPR, CCPA, and PIPEDA.

If you collect consumer data, Collegium Auditores can help you navigate the world of data privacy compliance and avoid potentially hefty fines.

We do things different.

  • Maintain high data privacy standards in accordance with the GDPR, CCPA and PIPEDA legislation.

    Collegium Auditores is dedicated to helping organizations protect the privacy of their customers’ data. By complying with the GDPR, CCPA and PIPEDA legislation, we ensure your organization keeps its customers’ data confidential and secure.

  • Help businesses navigate these regulations so you can have peace of mind and focus on running your business.

    As privacy legislation continues to evolve, we stay up-to-date on the latest changes and ensure that our services are compliant. This way, you can focus on your business goals, knowing that your customer data is safe with us.

  • Help companies from the US, Canada or the UK establish maintain GDPR compliance in the EU by providing a DPO service based in Europe in accordance with Article 27 (GDPR).

    Organizations that need to comply with GDPR but do not have a physical presence in the EU can choose to appoint an EU representative. The GDPR requires this representative to be based in the EU (Article 27 GDPR) and have contact details published on the organization’s website.