Data Protection Law
We support our clients and their data protection officers in the implementation of data protection regulations and make companies GDPR compliant. Our wide experience enables us to contribute to advantage when advising large and medium-sized companies, as well as group companies nationally and internationally, on cooperation with data protection law.
In this area of consultation we focus on all-round support. We develop concepts for data protection (also as part of a comprehensive security concept), data protection management strategies (e.g. in accordance with ISO 2700 or IT baseline protection) and support our clients and their data protection officers in the implementation of documentation and verification obligations, the creation of lists of processing activities, the handling of data subjects' rights as well as the legal drafting of order processing contracts. We provide practical recommendations for the implementation of the legal principles and the measures to be taken. We also offer to represent international companies outside the EU/EEA within the meaning of Art. 27 GDPR.
Finally, we offer workshops on data protection issues. Training courses for employees at management level, department heads, IT and HR departments and the data protection officer as well as other employees who are responsible for implementing the data protection guidelines complement our concept.
Overview of our consulting services in data protection law
- Creation of security concepts:
Determination of the applicable legal regulations (GDPR, Federal Data Protection Act, Telemedia Act, Social Security Code, etc.)
Definition of required guidelines for the security of processing of personal data, use of information technology equipment, IT systems, telephony and Internet
Privacy by design and Privacy by default
- Creation of data protection information in accordance with Art. 13, 14 GDPR for customers, employees, etc.
- Privacy statement and imprint on website according to Telemedia Act and GDPR
- Advice on data protection in relation to IT, Internet, Cloud, SEO services, etc.
- Support in the preparation of procedural directories
- Drafting of works agreements on data protection and the introduction of technical installations in accordance with the BetrVG (Works Constitution Act)
- Creation of authorization and deletion concepts
- Consulting in connection with the introduction of IT systems and applications
- Determination of technical and organisational measures
- Advice on adaption of the process for email marketing
- Assistance with privacy and data protection impact assessments
- Concept for the internal handling of data breakdowns, data protection inquiries and the implementation of data subjects' rights
- Determination of order processing and conclusion of order processing contracts
- Data protection information for contractual partners and concept for compliance with the duty to provide information
- Data protection workshops and employee training courses