Companies today face hundreds of millions of dollars in fines for failing to comply with data protection and data privacy rules, fueling a wave of organizations and their users taking data protection more seriously. One of its by-products is the emergence of new technologies to meet the increase in activity.
Data Guard is a Munich-based startup that has leaned toward a SaaS-based business model, offering privacy, information security, and other data protection as a series of on-demand, cloud-based “as-a-service” tools to small and medium-sized businesses to large enterprises , today announced that it has secured $61 million in a Series B round led by Morgan Stanley Expansion Capital to double down on the market.
The investment also includes UK venture capital firm One Peak, which led DataGuard’s last funding round of $20 million in 2020, the startup’s first-ever outside funding. Bastian Nominacher (Co-Founder/Co-CEO of Celonis), Hanno Renner (Co-Founder/CEO of Personio) and Carsten Thoma (Founder of Hybris) will also participate
DataGuard did not disclose its valuation. But as another sign of its performance, the startup has continued to grow despite the broader contraction we’ve seen in tech. It now has more than 3,000 customers in more than 50 countries, who in turn provide tools to reach more than 40 million individual users (employees, customers and other stakeholders). That’s triple the 1,000 customers in 2020. While DataGuard didn’t disclose specific revenue numbers, it said revenue was also growing, growing around 10 times last year. Its definition of SMB is somewhat shaky and includes the larger mid-market end user: the client list includes familiar names like Canon, Hyatt and UNICEF.
DataGuard offers a range of privacy, information security and compliance tools that can assess the different ways organizations use data. It analyzes this data to determine if the company is compliant with various certifications (such as GDPR, CCPA, ISO 27001, TISAX or SOC 2); if not, what it needs to do to become compliant.
The basic idea behind DataGuard is that while a large enterprise may have teams of in-house employees — lawyers, engineers, and data scientists — dedicated to monitoring, enforcing, and adjusting the organization’s data protection, privacy, and compliance policies (even though there are many People and budgets pile on top, often still error); a smaller organization may have fewer human resources, but the task to be handled is just as daunting.
Its target audience, Thomas Regier (pictured above left, he is co-CEO and co-founder of Kivanc Semen, pictured right) is “people who may have only one IT security guy” who may be cybersecurity experts, but are not Data Security. He added that some of its clients may not have in-house security experts at all: the task of how to ensure data protection is enforced legally and soundly falls to the marketing team: that’s because online interaction with individuals is a task. Data protection is designed to cover key areas, so in some cases it may be those who use this data who are responsible for ensuring that it is done correctly.
“We built this for civilians,” he said.
To be sure, marketing—especially the cookie and data consent interfaces related to marketing and “analytics”—has been the most visible face of data privacy and protection for many of us over the past few years. Driven by GDPR and other regulations, we are now seeing these consent windows every day, with many companies lamenting how the “no-all” epidemic is affecting profits. The big headlines we read about data protection breaches tend to be about the same: In one example earlier this month, Instagram was fined more than $400 million for misusing children’s data in Europe under GDPR rules.
But there’s additional pressure these days on top of the very bad publicity the company has been given by the exposure of the fine investigation in the media, Regier said:
“Marketing is a huge piece of the puzzle, but the second part is that companies are protecting their customer data,” he said. “They need to support that. They have no choice because if they don’t, they’re going to lose these customers now. It’s gone beyond the fig leaf and into the heart of the business.” And then, right away, Cyber insurance premiums soar, another indication of how businesses can be financially impacted when they don’t implement strong security and data protection. (It is debatable whether these premiums other reasons, However. )
The third important driver that DataGuard sees among its customers is business pressure. That said, organizations are now increasingly proactive in vetting partners to ensure they are proactively and reactively accountable when things go wrong.
Interestingly, using a mechanism that sounds very similar to how data brokers themselves operate, DataGuard can also look at how third parties and customers are using a company’s data to determine where there might be non-compliance, or alert these when an incident occurs Any data from third parties has been leaked. Getting the bigger picture is becoming increasingly important as part of the vetting process companies go through when dealing with purchasing transactions, underscoring that it’s not just about securing the business-critical nature of the work.
The compliance part of the business is a relatively new area, but the company will use some of these investments to continue to grow. It may also open the door for DataGuard to offer similar services to review more aspects of security and data protection, such as when it crosses into data networking and endpoint management.
That, combined with DataGuard growing so fast with little outside funding, is why investors have been knocking on doors.
Morgan Stanley’s Lincoln Isetta, MD, said: “At a time when the amount of sensitive data businesses must process to operate is growing exponentially, data privacy, information security and compliance have become a global issue for regulators, businesses and organizations. An area of growing consumer concern.” Expansion Capital, in a statement. “It is clear from our efforts that DataGuard’s unique all-in-one platform allows customers to go beyond simple ‘checkbox’ compliance, information security and data privacy practices to manage data as a competitive advantage. We It’s a pleasure to join the DataGuard team and look forward to helping them build on their success.”
“DataGuard’s strong growth since our initial investment speaks to the drive and execution of the founders and their leadership team. DataGuard has helped create a new category that is massive and business-critical,” One Peak Managing partner David Klein and partner Christoph Mayer added in a joint statement. “Enterprises will be investing tens of billions of dollars in compliance and security over the next decade to become and continue to be trusted partners. Back in 2020, we became DataGuard’s first institutional investor, and we are excited to be We are excited to double our investment to support the company to further accelerate its growth trajectory and expand its geographic reach.”