In their search for a new technical challenge, founders Johannes Hussak and Alexander Prams happened to meet a lawyer. Kilian Schmidt already had the idea of Kertos in mind. The lawyer with a doctorate had worked in several startups in the years before, and everywhere the topic of data protection determined everyday life, much to the suffering of some employees. The current solutions were all of no help in providing real relief for operational activities such as information, deletions or the regular recording of processing operations in the Public Directory of Procedures. And so it was a happy coincidence that he met Johannes and Alexander. The two had gained experience in business and product innovation and management in the years before and most recently founded the consulting startup Aitaro together. The idea of launching Kertos also convinced the employees there, with the result that all of them moved along to the new startup. Johannes: "We are very proud of that! We are a well-coordinated tech team."
The idea behind Kertos: The startup took the disaster that is triggered when data protection requests are made in companies as an opportunity to simplify all related processes. Their first enterprise customers faced various problems. It was often unclear at first what specific data the people concerned were asking for, where and in what form it existed, or who in the company was responsible for it. Johannes: "We experienced that up to 15 people were involved in these processes. For many, the issue got out of hand." So the startup developed a tool that first connects the IT infrastructure via interfaces and then scans it like an X-ray machine. Requested data and information are thus collected and displayed throughout the IT infrastructure at the touch of a button. In addition, artificial intelligence ensures that the system learns from the decisions that the data protection officer subsequently makes.
In collaboration with CISPA, Kertos has set out to make data subjects' data even more secure. This is because when a company orders the processing of personal data, the data is passed on to Kertos, displayed for a short period of time, and then deleted. To make this process even less vulnerable, a zero-trust architecture is designed to minimize the flow of information. Johannes: "As a result, only encrypted information reaches us. The real data is not shared with us, which means this setup doesn't pose a risk to either side. We automate the commands and the info always stays with the customer."
Just a few months after launch, Kertos had big-name customers and is now supporting secure and automated personal data management in live operations. This saves companies a tremendous amount of time and money, and brings data protection to a point that makes co-founder and attorney Kilian happy: "Data protection is finally automated and the operational burden is no longer shifted to employees." The startup was supported by a pre-seed funding round of more than one million euros in February 2022, with lead investor 10x Founders. The round is complemented by xdeck, Superlyst Ventures and several business angels, including wefox founder Fabian Wesemann and Gorillas founder Ronny Shibley.