Data protection law

Data protection is not an end in itself.

The fundamental right to data privacy is, to a certain degree, a catalyst for other fundamental rights. The motivation for diligence and compliance in data protection, ideally, stems from a company’s own stake in being a reliable business partner.

The General Data Protection Regulation (GDPR), which has been binding since 2018, is finally pushing the issue of data protection into the realm of compliance, with the threat of penalties of up to 20 million euros or 4% of global annual turnover. Companies of all sizes and in all industries would be well advised to acquaint themselves with the GDPR.

As a partner in the, I offer the following services in the area of data protection law in cooperation with the Research Institute (of-counsel agreement):

  • Consulting in data protection law issues (e.g. analysis of internal company processes/products and development of practicable solutions).
  • Preparation of data protection law documents (e.g. data protection declaration, data processing agreements, data protection impact assessments);
  • Representation in data protection proceedings before the data protection authority (Datenschutzbehörde), the federal administrative court as well as the supreme administrative court and the constitutional court;
  • Data protection and data security training for data protection officers (Datenschutzbeauftragte) and/or for employees.