Annina Fittkau

Expertise Annina Advises Experience Highlights Career History

Partner

Technology Compliance, Data Protection & Cybersecurity

+49 156 7971 4815

Expertise

Annina Fittkau is a lawyer and certified data protection officer with expertise at the intersection of law, technology, and compliance. She specialises in ensuring the legal compliance of software, data flows, and governance frameworks for data protection and IT compliance. She advises companies on implementing regulatory, technical, and organisational requirements in digital environments – from introducing new software solutions and deploying AI, Agentic AI, and bots to developing secure and efficient data and system architectures.

A key focus of her work lies in managing technological risks. She supports organisations in designing IT systems, data flows, and automated processes that are legally compliant, efficient, and audit-ready. Her deep understanding of business processes, organisational structures, and data-driven value creation is rooted in many years of experience with leading law firms and professional services firms. She translates complex regulatory requirements into practical, actionable measures. Her advisory approach is strategic and solution-oriented, aimed at aligning legal certainty with technological innovation and operational efficiency.

Annina Advises

  • companies on the legally compliant introduction and use of software solutions, automation tools, and digital platforms – from system selection to implementation and audit readiness
  • on data protection and data usage in operational processes, for example in handling customer and employee data, the use of Software as a Service (SaaS), cloud services, or data exchange between systems
  • identifying and managing technological risks to ensure that IT systems, data flows, and processes are secure, efficient, and audit-ready
  • international technology projects, in particular the legally compliant deployment and adaptation of software across different regulatory environments
  • using data strategically and in compliance with regulations to create sustainable value in processes, decision-making, and innovation – for example through knowledge management and Agentic AI
  • designing and further developing software compliance frameworks, policies, and governance processes, as well as training employees to embed data protection, information security, and compliance sustainably within the organisation

Experience Highlights

  • Overall responsibility for risk management and IT compliance within a Big Four firm across the entire Contact-to-Cash cycle – from strategic oversight to the operational implementation of legally compliant design for all systems, data flows, AI agents, and bots.
  • Developed and implemented a firmwide, audit-ready policy for process and system documentation, including a clear governance framework defining roles, responsibilities, GDPR-compliant data management, and software management across the entire lifecycle.

  • EMEA-wide compliance leadership for an international software rollout, taking into account country-specific data protection and compliance requirements, and coordinating interdisciplinary project teams across multiple jurisdictions.

  • Designed and delivered practical training programmes on data protection, IT compliance, and responsible data use to strengthen the organisation’s compliance culture.

Career History

Previous Experience

  • 2021–2025: PwC, Berlin, Lawyer, Senior Manager & Team Lead – Technology Risk Management, IT & AI Compliance

Led the Process Integrity Team with overall responsibility for IT compliance and technology risk management across the Contact-to-Cash cycle. Advised on data protection, AI integration, and audit readiness in complex system landscapes.

  • 2020–2021: Deloitte, Berlin, Lawyer (Freelance) – Third-Party Risk Management

Contributed to an international compliance project for a global pharmaceutical company, reviewing and assessing business partners as part of a worldwide due diligence programme.

  • 2017–2019: KPMG Law, Berlin, Lawyer, Associate – Litigation & Dispute Resolution

Managed and strategically coordinated a large portfolio of legal proceedings. Worked closely with internal departments, external law firms, and corporate management to ensure efficient and risk-oriented case handling.

  • 2016–2017: Inventus, Berlin, Lawyer – Forensics & Internal Investigation

Analysed extensive legal documentation and datasets as part of internal investigations and regulatory proceedings. Supported international compliance projects.

  • 2016: Justus Rechtsanwälte, Berlin, Lawyer – Banking, Capital Markets & Insurance Law

Advised on supervisory and regulatory matters, claims management, and dispute resolution.

Education

  • Second State Examination in Law in 2015 at the Higher Regional Court of Schleswig-Holstein
  • First State Examination in Law in 2013 at Albert-Ludwigs-University Freiburg

 

 

 

 

Annina is a partner in gunnercooke GmbH, whose registered office is Kurfuerstendamm 15, 10719 Berlin, AG Charlottenburg, HRB 224488 B. All lawyers of gunnercooke GmbH are admitted either in Germany or Austria to practise as Rechtsanwalt or Rechtsanwaeltin and are members of and regulated by the relevant local Bar (Rechtsanwaltskammer).

Expertise

Back to top

Annina Fittkau is a lawyer and certified data protection officer with expertise at the intersection of law, technology, and compliance. She specialises in ensuring the legal compliance of software, data flows, and governance frameworks for data protection and IT compliance. She advises companies on implementing regulatory, technical, and organisational requirements in digital environments – from introducing new software solutions and deploying AI, Agentic AI, and bots to developing secure and efficient data and system architectures.

A key focus of her work lies in managing technological risks. She supports organisations in designing IT systems, data flows, and automated processes that are legally compliant, efficient, and audit-ready. Her deep understanding of business processes, organisational structures, and data-driven value creation is rooted in many years of experience with leading law firms and professional services firms. She translates complex regulatory requirements into practical, actionable measures. Her advisory approach is strategic and solution-oriented, aimed at aligning legal certainty with technological innovation and operational efficiency.

Annina Advises

Back to top
  • companies on the legally compliant introduction and use of software solutions, automation tools, and digital platforms – from system selection to implementation and audit readiness
  • on data protection and data usage in operational processes, for example in handling customer and employee data, the use of Software as a Service (SaaS), cloud services, or data exchange between systems
  • identifying and managing technological risks to ensure that IT systems, data flows, and processes are secure, efficient, and audit-ready
  • international technology projects, in particular the legally compliant deployment and adaptation of software across different regulatory environments
  • using data strategically and in compliance with regulations to create sustainable value in processes, decision-making, and innovation – for example through knowledge management and Agentic AI
  • designing and further developing software compliance frameworks, policies, and governance processes, as well as training employees to embed data protection, information security, and compliance sustainably within the organisation

Experience Highlights

Back to top
  • Overall responsibility for risk management and IT compliance within a Big Four firm across the entire Contact-to-Cash cycle – from strategic oversight to the operational implementation of legally compliant design for all systems, data flows, AI agents, and bots.
  • Developed and implemented a firmwide, audit-ready policy for process and system documentation, including a clear governance framework defining roles, responsibilities, GDPR-compliant data management, and software management across the entire lifecycle.

  • EMEA-wide compliance leadership for an international software rollout, taking into account country-specific data protection and compliance requirements, and coordinating interdisciplinary project teams across multiple jurisdictions.

  • Designed and delivered practical training programmes on data protection, IT compliance, and responsible data use to strengthen the organisation’s compliance culture.

Career History

Back to top

Previous Experience

  • 2021–2025: PwC, Berlin, Lawyer, Senior Manager & Team Lead – Technology Risk Management, IT & AI Compliance

Led the Process Integrity Team with overall responsibility for IT compliance and technology risk management across the Contact-to-Cash cycle. Advised on data protection, AI integration, and audit readiness in complex system landscapes.

  • 2020–2021: Deloitte, Berlin, Lawyer (Freelance) – Third-Party Risk Management

Contributed to an international compliance project for a global pharmaceutical company, reviewing and assessing business partners as part of a worldwide due diligence programme.

  • 2017–2019: KPMG Law, Berlin, Lawyer, Associate – Litigation & Dispute Resolution

Managed and strategically coordinated a large portfolio of legal proceedings. Worked closely with internal departments, external law firms, and corporate management to ensure efficient and risk-oriented case handling.

  • 2016–2017: Inventus, Berlin, Lawyer – Forensics & Internal Investigation

Analysed extensive legal documentation and datasets as part of internal investigations and regulatory proceedings. Supported international compliance projects.

  • 2016: Justus Rechtsanwälte, Berlin, Lawyer – Banking, Capital Markets & Insurance Law

Advised on supervisory and regulatory matters, claims management, and dispute resolution.

Education

  • Second State Examination in Law in 2015 at the Higher Regional Court of Schleswig-Holstein
  • First State Examination in Law in 2013 at Albert-Ludwigs-University Freiburg

Back to top

 

 

 

 

Annina is a partner in gunnercooke GmbH, whose registered office is Kurfuerstendamm 15, 10719 Berlin, AG Charlottenburg, HRB 224488 B. All lawyers of gunnercooke GmbH are admitted either in Germany or Austria to practise as Rechtsanwalt or Rechtsanwaeltin and are members of and regulated by the relevant local Bar (Rechtsanwaltskammer).