Boutique Law Firm

Powered byLegal ExpertiseCommitted toTechnology

We help organizations navigate GDPR, the AI Act, and EU digital regulation — combining deep legal expertise with proprietary legal tech tools that make compliance practical, faster, and more efficient.

Let's Talk Explore Services

10+ Years Experience◆GDPR & EU AI Act Specialist◆AI Officer◆Bilingual DE/EN◆Proprietary Compliance Tools◆Artificial Intelligence◆Digital & Online Law◆Online Marketing & AdTech◆Data & Cloud◆Cyber & IT Security◆10+ Years Experience◆GDPR & EU AI Act Specialist◆AI Officer◆Bilingual DE/EN◆Proprietary Compliance Tools◆Artificial Intelligence◆Digital & Online Law◆Online Marketing & AdTech◆Data & Cloud◆Cyber & IT Security◆10+ Years Experience◆GDPR & EU AI Act Specialist◆AI Officer◆Bilingual DE/EN◆Proprietary Compliance Tools◆Artificial Intelligence◆Digital & Online Law◆Online Marketing & AdTech◆Data & Cloud◆Cyber & IT Security◆10+ Years Experience◆GDPR & EU AI Act Specialist◆AI Officer◆Bilingual DE/EN◆Proprietary Compliance Tools◆Artificial Intelligence◆Digital & Online Law◆Online Marketing & AdTech◆Data & Cloud◆Cyber & IT Security◆

Services

Digital Law for the AI Era

Advice on data protection (GDPR, ePrivacy), AI (EU AI Act), and other EU digital regulations (Data Act, DSA), supported by proprietary compliance tools.

Artificial Intelligence & AI Act

Risk classification, compliance roadmaps, AI governance, documentation, and Art. 4 competency training.

AI Act · Governance · Training

Data Protection, GDPR & ePrivacy

Full-spectrum and strategic privacy advisory, DPIAs, breach response, international transfers, and external DPO services.

GDPR · ePrivacy · BDSG · TDDDG

Digital & Online Law

DSA, DMA, DDG — navigating the EU's digital regulation stack for platforms, apps, and SaaS.

DSA · DMA · DDG

Online Marketing & AdTech

Cookie compliance, consent management, tracking frameworks, ePrivacy requirements, and unfair competition law.

ePrivacy · Cookies · TCF · UWG

Data & Cloud

EU Data Act compliance, cloud contracts, SaaS agreements, IoT data sharing.

Data Act · Cloud · IoT

Cyber & IT Security

NIS2, DORA, Cyber Resilience Act — regulatory compliance and incident response.

NIS2 · DORA · CRA

Approach

Not just advice.
Legal infrastructure.

Most firms tell you what the law requires. We also develop and use legal tech tools that help you implement the requirements. Proprietary compliance tools transform complex regulations into structured, verifiable, and efficient workflows.

Proprietary assessment tools — for AI Act & GDPR

Automated documentation — audit-ready reports

Technical + legal fluency — both languages natively

Subscription models — ongoing support

onezero-compliance-engine

$

Data Protection◆AI Act Compliance◆GDPR◆NIS2◆Digital Services Act◆Cyber Resilience◆Data Act◆ePrivacy◆AI Governance◆DPIA◆Data Protection◆AI Act Compliance◆GDPR◆NIS2◆Digital Services Act◆Cyber Resilience◆Data Act◆ePrivacy◆AI Governance◆DPIA◆Data Protection◆AI Act Compliance◆GDPR◆NIS2◆Digital Services Act◆Cyber Resilience◆Data Act◆ePrivacy◆AI Governance◆DPIA◆Data Protection◆AI Act Compliance◆GDPR◆NIS2◆Digital Services Act◆Cyber Resilience◆Data Act◆ePrivacy◆AI Governance◆DPIA◆

AI Act

Are you prepared ?

The EU AI Act is already in force. Key deadlines are approaching fast.

Feb 2025

Prohibited Practices

In force. Bans on manipulative AI, social scoring, real-time biometric identification, and emotion recognition in certain contexts.

Aug 2025

AI Literacy & GPAI

In force. AI literacy obligations for all organizations (Art. 4) and transparency rules for general-purpose AI model providers.

Aug 2026

High-Risk Systems

Upcoming. Full compliance required for Annex III high-risk AI: risk management, data governance, technical documentation, and conformity assessments.

Aug 2027

Full Application

All remaining provisions apply, including Annex I high-risk AI systems embedded in existing EU product legislation.

Not sure where your AI systems fall?
We'll classify and build your compliance roadmap.

Get Assessment

Tools

Compliance Tools

Proprietary legal tech built in-house. Explore our tools — some are free to use, no signup needed.

We develop our compliance tools in-house using AI-powered technologies and deep legal expertise — each solution is precisely tailored to a specific workflow, translating our knowledge and experience into a practical, reliable application.

Need a tailored solution? We also build custom compliance tools for clients, legal teams and law firms — designed around your specific workflows.

OneZero AI Agent

>

Beta

LIA Tool — Legitimate Interest Assessment

Conduct a structured Legitimate Interest Assessment aligned with EDPB Guidelines 1/2024. AI-powered drafting and compliance auditor review — with downloadable PDF report.

Launch Tool

Coming Soon

AI Act Risk Classifier

Classify your AI systems under the EU AI Act risk categories. Get a detailed compliance obligation report.

Launch Tool

Coming Soon

Breach Response Sentinel

GDPR breach assessment using ENISA methodology. 72-hour notification guidance with severity scoring.

Launch Tool

Coming Soon

DPIA Assessment Tool

Structured Data Protection Impact Assessment with automated risk scoring and mitigation suggestions.

Launch Tool

AI Skills

Compliance Skills We Built

Reusable AI-powered compliance automations built on the open-source Skills format for AI coding agents pioneered by Anthropic. Each skill encodes deep regulatory knowledge into structured, repeatable workflows and outputs — ready to deploy in any compatible AI development environment.

All skills are available as free downloads (.zip). Please review the included license terms (AGPL-3.0) before use.

SKILL.md

---
name: GDPR Breach Sentinel
version: 2026.02.09
description: Incident response & breach notification
tags: [breach, art-33, art-34, enisa]
output: .docx
---
BREACHART. 33-34INCIDENT RESPONSE

Incident Response

GDPR Breach Sentinel

Elite incident response and breach notification guidance under GDPR Articles 33 & 34. ENISA severity scoring, EDPB case matching, cross-border supervisory authority determination, and audit-ready .docx generation.

BREACHART. 33-34INCIDENT RESPONSE

Details

Risk Assessment

DPIA Sentinel

Comprehensive Data Protection Impact Assessment under GDPR Article 35. 9-criteria EDPB threshold analysis, national supervisory authority blacklist/whitelist checking, automated risk scoring, and prior consultation guidance.

DPIAART. 35RISK ASSESSMENT

Details

Multi-Jurisdiction

Privacy Notice Generator

Pan-EU privacy notice generator for any jurisdiction and audience. 5 notice types, multi-jurisdiction support (DE/FR/AT/IT/ES/NL/BE/IE/UK), full Art. 13/14 GDPR compliance, and professional .docx output.

PRIVACY NOTICEART. 13-14MULTI-JURISDICTION

Details

Looking for more legal AI skills? Visit our friends at Lawvable

Discover Tools

Founder

About

Oliver Schmidt-Prietz

ATTORNEY AT LAW · LL.M. · DPO · AI OFFICER

Having worked across international law firms and senior in-house roles at tech/software companies, I combine deep regulatory expertise with hands-on technical capability. I don't just advise on compliance — I build the tools that make it work more efficiently.

My legal focus is EU Data Protection (GDPR), AI regulation (AI Act), Data and IT law: Strategic advisory for organizations and developing tailored solutions.

GDPREU AI ActDSA/DMANIS2Data ActePrivacyLegal TechAI Governance

Learn More