Data Protection

Today‘s technologies offer great opportunities for businesses to capture, use and transfer personal data worldwide. However, they also raise the issue of both legal and business-related risks linked to non-compliance with local data protection regulations such as the Basic Data Protection Ordinance (DS-GVO) and the Federal Data Protection Act (BDSG) in Germany.

Businesses are thus bound to adapt their systems and processes to local data protection requirements if they are to avoid liability risks. This is especially true of data-intensive Industry 4.0 and IoT business models.

We advise businesses and large corporations alike in all legal aspects of data protection.

Our objective is to develop conclusive and practical data-protection-compliant concepts for businesses.

We have a highly experienced team combining business and technical knowledge with expertise in local data protection laws.

An integral part of our practice is to keep abreast of the latest legal developments, the official positions of supervisory authorities as well as best practices. Our services to you include: 

• Data Protection Law Consulting

  • Corporate compliance with local data protection regulations (incl. data protection compliance audits, implementation of data-protection-compliant processes and business operations) 
  • Review and data-protection-compliant development of business models (Industry 4.0, IoT, direct-marketing strategies)
  • Consulting services for internal or external data protection officers 
  • Legal advisory services on corporate guidelines (development and review of corporate guidelines, non-disclosure agreements, internal data protection Guidelines)
  • Presentation of required informational contents and declarations of consent in line with local data protection regulations 
  • Data protection and data use agreements (e.g., servicing contracts) 
  • Legal advisory services on online data protection (e.g., data protection agreements and cookie guidelines) 
  • Legal advisory services on employee data protection (incl. company agreements) 
  • Legal advisory services on data security
  • Monitoring and data protection audits
  • Legal advisory services on international data transfer and structuring 
  • Legal representation in/out of court (e.g., with parties concerned, competitors or supervisory authorities) 
  • Legal advisory services on business transactions (e.g., due diligence in M&A Transactions)

• External Data Protection Officer

  • Assumption of all mandatory tasks as required by law (if necessary, in collaboration with external service Providers) 
  • Legal advice and instructions in all areas of data protection 
  • Monitoring and data protection audits 
  • Legal advice on data security and legal assistance in developing technical-organizational measures (TOMs) 
  • Data protection monitoring in businesses and large corporations 
  • Company-specific employee training 
  • Collaboration with data protection authorities 
  • Contact for data protection authorities 
  • Legal assistance in data protection/security incidents 
  • Legal assistance regarding rights of parties concerned (esp. pertaining to information requests) 
  • Legal advice related to Data Protection Impact Assessment (DPIA) and related implementation monitoring 
  • Legal assistance in the introduction of new data-protection-compliant processes 
  • Legal assistance in the implementation of data protection management Systems

back to overview