Data protection law
With the coming into force of the EU Data Protection Basic Regulation (DSGVO) on 25 May 2018, data protection law has moved more into the focus of public attention. Since personal data are collected and processed in almost every transaction in companies and public authori-ties, as a so-called “cross-sectional matter”, the DSGVO, as implemented in each member state and the UK, must always be observed. Due to the broad positioning of BHO Legal in advising on technology projects, we are able to provide comprehensive advice on such cross-sectional matters.
In particular, the DSGVO introduced or extended extensive documentation and notification obligations which require precise knowledge of the processing procedures used in one’s own organisation (principle of accountability). The obligation to notify the legal basis on which per-sonal data are processed forces organisations to document the relevant considerations. Data protection know-how is therefore essential in order to prevent the client running the risk of being exposed to possible complaints by competitors or sanctions by supervisory authorities. In addition to considerable fines, negative publicity can result from media coverage. The importance of data security and the technical and organisational measures required for this (which must of course be documented) are increasingly emphasised by the DSGVO.
We advise on all questions of data protection law and provide support in particular through
- Data protection assessment of processing activities and projects
- Creation/verification of lists of processing activities
- Preparation of data protection declarations and consents
- Advice on the introduction of measures to establish data protection as part of compliance (e.g. Group and corporate guidelines on data protection and compliance with them)
- Training courses on data protection in general and on specific topics, such as press and public relations, data protection in award procedures, etc.
- Legal advice to data protection officers