Data Protection Law

Industry 4.0, Big Data, car data, Internet of Things (IoT), cloud computing, smart home or e-health: personal data and the way it is being used is becoming an increasingly important part of existing or completely new business areas. Compliance with and the violation of data protection laws are thus increasingly becoming the focus of public attention. This means that companies need to find their way around the conflict between their business interests and the legal requirements, by ensuring their data protection is very well organised. Our pragmatic and solution-oriented team, which specialises in data protection law, can help you to ensure that this succeeds.

The processing of personal data is highly regulated. In addition to the EU General Data Protection Regulation (GDPR) and the new German Federal Data Protection Act (BDSG-neu), which has been amended to accord with EU law, sector-specific laws, such as the German Telecommunications Act (TKG) or the German Act Against Unfair Competition (UWG), regulate how personal data is handled. Compliance and liability risks must be considered and safeguarded with regard to the exploitation of personal data, which offers attractive business opportunities for companies.

Together with our clients, we develop the best industry-focused data protection solution for the company based on the current legislation, jurisprudence and the announcements made by the data protection supervisory authorities. This strategy is constantly being updated and is already taking into consideration the consequences of possible future developments.

Our range of advisory services:

Providing comprehensive data protection law advice for national and international companies and for internal data protection officers
Appointment as an external data protection officer and providing support as such
Advising on introducing and implementing data protection organisation
Advising on carrying out data protection impact assessments, e.g. in connection with video surveillance or Big Data applications
Drafting relevant documentation under data protection law, such as data protection guidelines, data protection information or contracts
Advising on implementing authorisation and deletion concepts
Representation vis-à-vis data protection supervisory authorities
Risk management in the event of data protection incidents
Carrying out national and international data protection audits

Advising, for example, on introducing whistleblowing programs, human resources or assessment systems at national and international levels
Advising on drafting and negotiating works agreements on the basis of the EU General Data Protection Regulation (GDPR) and the new German Federal Data Protection Act (BDSG-neu)
Training courses and workshops (e.g. employee workshops)

Data protection-compatible design when using new technologies, such as smart home, car data or health apps
Transactional advice
Advising on setting up websites, online shops and cookie walls and on using tracking and analysis tools

Advising regarding cross-border data processing both for intra-group data exchange and with external parties
Drafting and negotiating the necessary contracts
Advising on introducing binding corporate rules (BCRs)
Carrying out national and international data protection audits