Data protection in consulting


When using digital toothbrushes and other IoT devices, it is important to consider data protection.

Data protection in consulting

Empowering Transformation Through Data Security:   Energy factory St. Gallen's ISO 27001 Journey with Priverion


In a world where leadership and cultural transformation are paramount,  energy factory St. Gallen stands as a beacon of consultancy excellence. Their mission is to guide organizations through the complex journey of transformation and they recognized early on that data security and ISO 27001 certification were essential components of this process. To strengthen their commitment to privacy and data protection,  energy factory St. Gallen turned to Priverion for support. As a long-term partner, this collaboration went beyond a one-time project. Priverion and energy factory St. Gallen engaged in a series of initiatives, from data processing agreement negotiations to vulnerability scanning and information security management. This short description unveils the remarkable journey of energy factory St. Gallen towards ISO 27001 certification and the cloud-first approach that ultimately ensured their resilience during the challenges of the COVID-19 pandemic.

Energy factory St. Gallen is no stranger to transformation. As a consultancy specializing in leadership and cultural change, they understand the significance of leading by example. Privacy and data protection compliance, along with ISO 27001 certification, were essential to their commitment to the highest standards of professionalism. Their goals were clear:

1. Achieve ISO 27001 certification to enhance data security.

2. Strengthen information security maturity.

3. Prepare for the unforeseen and seamlessly transition to remote work when needed.

The Priverion Approach: The Trusted Partner

Energy factory St. Gallen had enjoyed a longstanding partnership with Priverion, which was instrumental in their journey toward achieving these objectives. Priverion's expertise in data protection, privacy and information security made them the ideal partner for this multifaceted project.

Gap Analysis and Gap Closure

To begin, Priverion conducted a thorough gap analysis, identifying areas where the energy factory St. Gallen needed to refine and align with ISO 27001 standards. The results were comprehensive, showing the necessary steps to fortify their data security.

Collaborative Projects

What sets this partnership apart is the range of collaborative projects undertaken over the years:

• Data Processing Agreement Negotiations: Priverion played a pivotal role in negotiating data processing agreements, ensuring that the consultancy's data processing practices met the highest compliance standards.

• Vulnerability Scanning: Priverion's vulnerability scanning services provided crucial insights into potential security weaknesses, allowing for proactive mitigation.

• Information Security Management: An effective information security management system was implemented to guarantee the highest levels of security for all data assets.

ISO 27001 Certification and the Cloud-First Approach

The culmination of these efforts was the achievement of ISO 27001 certification in 2020. This globally recognized certification symbolizes the Energy factory St. Gallen's commitment to data security and information protection. Moreover, they embraced the "cloud-first" approach, ensuring that their data assets were not only secure but accessible from any location.

Seamless Transition to Remote Work

The timing of their ISO 27001 certification could not have been more providential. Shortly after, the COVID-19 pandemic struck, necessitating a swift transition to remote work. Thanks to their forward-thinking approach and meticulous preparations the energy factory St. Gallen seamlessly transitioned to a remote work environment. The security measures in place ensured that their data remained safe and the information security maturity they had achieved was put to the test and prevailed.


The journey of the energy factory St. Gallen with Priverion exemplifies the power of long-term partnerships and strategic planning in the realm of data security and ISO 27001 certification. By prioritizing data protection and working collaboratively on various projects the energy factory St. Gallen enhanced their information security maturity and readiness. The attainment of ISO 27001 certification coupled with the cloud-first approach not only fortified their data security but also enabled a seamless transition to remote work during an unprecedented crisis.

As organizations grapple with the challenges of an ever-evolving digital landscape, the energy factory St. Gallen's success story stands as a testament to their commitment to data security, their resilience and the enduring partnership with Priverion, a partnership that ensures they remain at the forefront of leadership and cultural transformation.

"Priverion has been our steadfast partner in achieving ISO 27001 certification and fortifying data security. Their expertise and collaborative approach made us resilient during the challenges of the COVID-19 pandemic, showcasing the transformative power of long-term partnerships."

Senior Consultant, Energy Factory St. Gallen AG

Customer reviews

“Priverion made it possible to standardize our global privacy efforts over our different local organizations and drive efficient marketing solutions.”

Sunstar Group — Digital Transformation Strategy & Services

"Mit Hilfe von Priverion hat sich Careerfairy als vertrauenswürdige und konforme Plattform etabliert. Sie haben unseren Verkaufsprozess optimiert, und die Einhaltung des Datenschutzes sichergestellt. Der Erfolg unserer Partnerschaft unterstreicht die Bedeutung der Priorisierung von Datenschutz und Transparenz mit Experten wie Priverion."

Careerfairy AG — CEO

"Die Zusammenarbeit von FunctionHR mit Priverion zeigt, wie Fachwissen im Datenschutz und die ISO 27001-Zertifizierung die Geschäftsexpansion vorantreiben können. Gemeinsam haben wir die Datensicherheit in einen Wettbewerbsvorteil verwandelt, der es FunctionHR ermöglicht, mit Vertrauen und Zuversicht in neue Märkte vorzudringen."

functionHR GmbH — CEO

"Priverion hat es uns ermöglicht, die angemessenen Datenschutzrichtlinien für unseren Gesundheitssektor umzusetzen. Ihre Expertise unterstütz uns, unserer Verpflichtung zu Datensicherheit und Compliance gerecht zu werden."

openmedical AG — Product Management