Your Lawyer for
Data Protection Law
On 25 May 2018, when the new EU General Data Protection Regulation (GDPR) entered into force, a whole range of new obligations regarding the processing of personal data were imposed on enterprises, authorities and other entities (“controllers”).
Each controller must maintain an inventory of all processing activities, and the controller’s clients, business partners and employees (“data subjects”) must be actively informed about how their data is processed. Additionally, the controller must conclude processor agreements with all external data-processing service providers.
Furthermore, data subjects have new and more extensive rights at their disposal, e.g. the right “to be forgotten” or the right to data portability.
Another important step is to check whether for each processing activity there is an adequate legal basis (e.g. consent, performance of a contract, statutory obligations etc.) and whether the data is deleted once the legal basis has ceased to exist, for instance, because the consent is withdrawn or the contract is fulfilled.
Today, the diligent and lawful handling of personal data is an absolute must, all the more so with a view to the potentially drastic penalties – up to € 20 million for violations of data protection provisions.
Our law firm is your reliable partner in all legal aspects of data protection. We draft and examine the required documents, train your employees and give you valuable and practicable advice on the implementation of the GDPR in your daily business.
If need be, we also assume the role of your official data protection officer.
Our services around data protection law
- Implementation of the GDPR
- Detection of need for (legal) action
- Drafting of required declarations, inventories and contracts
- Support in handling data subjects’ claims (right to information, to erasure etc.)
- Fulfilling the role of a data protection officer