Data Protection Law
Since the EU General Data Protection Regulation (GDPR) came into force, data protection law has become an integral part of public perception and everyday business life. Since personal data is collected and processed in almost every transaction in companies and public authorities, data protection law, as a so-called “cross-sectional matter”, must practically always be observed. In addition, the GDPR has in particular introduced or extended extensive documentation and notification obligations, which require precise knowledge of the processing procedures used in one’s own organization (principle of “accountability”). Data protection expertise within the organization is therefore essential in order not to run the risk of being exposed to possible sanctions by the supervisory authorities or, if applicable, warning letters from competitors/consumer protection associations. The high relevance of data security and the technical and organizational measures required for this are once again emphasized by the GDPR compared to the previously applicable law.
We have many years of experience in advising on data protection law and demonstrate this through our certificates for data protection officers (UDISzert and TÜVzert). We advise on all questions of data protection law and provide support in particular through
- the evaluation of processing activities under data protection law and advice on individual legal issues,
- the creation and review of directories of processing activities,
- the preparation of data protection declarations and consents,
- advising on the introduction of measures to establish data protection as part of compliance (e.g., corporate and company guidelines on data protection and compliance with them),
- training on data privacy in general and specific topics such as: Press and public relations, data protection in procurement procedures, etc.,
- legal advice for data privacy officers.