Since the 1980s, data protection laws have become more and more important in Europe and Germany. The multitude of EU and German directives has made German data protection law one of the most complex legal fields.
The basic principle is simple: any storage, transmission or modification of data is prohibited, unless an exception applies. Because of the large number of laws and directives, as well as the potential for fines, criminal penalties and reputational damage, great care is necessary when determining whether a legal exception applies.
Historically, the authorities enforcing German privacy laws used their enforcement mechanisms sporadically. In recent years, however, enforcement actions are on the rise. Simultaneously, the EU and German legislative bodies have introduced new fines and criminal penalties.
Each member state of the European Union is required to establish one or more data protection supervisory authorities. The supervisory authorities are responsible for monitoring compliance with data protection law. In Germany, each federal state has a state data protection commissioner, i.e. a data protection authority.
Every company must comply with German data protection law, regardless of how many employees it has. Furthermore, any company with at least ten employees must appoint a data protection officer.
Given these legal requirements and increased enforcement actions, it is essential that every company create a data protection concept that is legally compliant, practicable and tailored to its individual needs. Our experienced attorneys can help you develop a data protection concept and address all of your privacy matters, including:
Entities covered by the Act include
Our experienced attorneys regularly review and draft new privacy policies for the websites of companies in a wide-variety of industries and sectors and can gladly advise you on which practices and policies you can engage in while remaining legally compliant.
Federations, associations and other nonprofit organizations are subject to the same German privacy laws as commercial enterprises. While the German data protection authorities have historically focused their enforcement actions on commercial enterprises, in recent years they have also audited and initiated enforcement actions against charitable organizations.
Our attorneys have years of experience working with nonprofits. Let us use our experience to help you develop a data protection concept that is both legally compliant and suitable for your particular activities.
German data orivacy laws provide carve-outs and privileges for fundraising activities. However, fundraisers must also comply with the German Unfair Competition Act (Gesetz gegen den unlauteren Wettbewerb, UWG). As a result, fundraising activities which may be unobjectionable under data protection laws may still constitute unfair competition with other fundraisers. Our attorneys can review your prospective and existing advertising and fundraising efforts to ensure that they are legally compliant.
Sensitive information concerning
are particularly protected under data protection law. For example, medical records or data from scientific studies using human research subjects are subject to special safeguards within health data protection law. Our attorneys are versed in the special rules that apply to sensitive data and can review your collection, use and storage of sensitive data to ensure compliance with data protection law.
Our attorneys can also provide on-site training courses on German and EU data protection law. For more information about trainings or any of the services mentioned above, feel free to contact us.
Our data protection experts
will be pleased to help you with any matters regarding German and EU data protection law. You can contact us via e-mail (firstname.lastname@example.org) or by phone (+49 69 76 75 77 80). Do not hesitate to contact us!
21.09.2022 - Olga Stepanova
29.06.2022 - Patricia Jechel
30.12.2021 - Olga Stepanova