We check whether you need a (DPIA). If so, we will carry this out together.
Lawyer Peter Weiler
Rechtsanwalt Peter Weiler Fachanwalt für gewerblichen Rechtsschutz
We then evaluate the current measures and see where there is a need for action. We remain in constant communication with you and the IT team in order to respond to your needs.
We summarize the results from the first phases in a comprehensive audit report. This contains tailored recommendations for action and checklists as well as templates for all documentation required by the GDPR.
Once you receive our report, it's time for implementation: you implement the necessary measures, train your team and adapt processes if necessary. We will continue to support you if you have any questions.
Once you receive our report, it's time for implementation: you implement the necessary measures, train your team and adapt processes if necessary. We will continue to support you if you have any questions.
This decision can be complex in individual cases and require the assessment of an experienced lawyer. In principle, the following guidelines apply:
Art. 35 para. 3 GDPR stipulates that a data protection impact assessment is required in these three cases in particular:
In addition, the Data Protection Conference has drawn up a so-called Black List, which specifies the processing activities for which a DPIA must be carried out. This includes, in particular, processing operations with these nine relevant criteria:
Of course, you can also carry out a data protection impact assessment on your own using the many free checklists and samples. This saves money at first, but also costs a lot of time. This is because the GDPR and the extensive case law are not so easy to keep track of without prior knowledge.
Even if you have a good technical team at your disposal, they will usually not have the necessary legal expertise. With so many processing operations and risks to keep track of, a DPIA can quickly overwhelm a layperson. In the worst case scenario, you could save money by carrying out the data protection impact assessment, but receive a hefty bill in the form of fines or claims for damages. This can be avoided by involving lawyers.
In addition to our legal expertise, we also have sufficient technological know-how. As a LegalTech law firm, we have a good overview of what is technically possible and legally justifiable. Our team is TÜV-certified and has years of experience in data protection and intellectual property law.
Our mission: to make data protection simple and effective for everyone involved. In addition to excellent advice, cost efficiency is also important. We make sure that together we find a solution that makes you and your team happy and that you no longer have to worry about data protection issues.
If there are significant risks that are unacceptable in view of the data being processed, you must find suitable remedial measures. These can be of a technical, organizational or contractual nature (so-called TOM).
The most effective are technical measures, such as
Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Aenean commodo ligula eget dolor. Aenean massa. Cum sociis natoque penatibus et magnis dis parturient montes, nascetur ridiculus mus. Donec quam felis, ultricies nec, pellentesque eu, pretium quis, sem. Nulla consequat massa quis enim. Donec pede justo, fringilla vel, aliquet nec, vulputate eget, arcu.
If there are significant risks that are unacceptable in view of the data being processed, you must find suitable remedial measures. These can be of a technical, organizational or contractual nature (so-called TOM).
The most effective are technical measures, such as
Lawyer Peter Weiler is your contact person for data protection at our law firm. Mr. Weiler supports you in the context of data protection issues.
