Legally compliant Data protection impact assessment

  • Legally compliant impact assessment
  • With final report
  • Audit by a lawyer specializing in data protection

We check whether you need a (DPIA). If so, we will carry this out together.

 

Free initial consultation

Lawyer Peter Weiler

Your contact person

Rechtsanwalt Peter Weiler Fachanwalt für gewerblichen Rechtsschutz

+49 30 206 436 810

Competent support

  • Certified data protection officer (TÜV)
  • Specialist lawyer for intellectual property rights
  • Advice on data protection
  • Delivery of a legally compliant data protection impact assessment
Free initial consultation

Book Mueller.legal data protection impact assessment now

  • Full price control
  • Comprehensive support
  • Child-friendly implementation
Free initial consultationFree initial consultation
  • Full price control
  • Comprehensive support
  • Child-friendly implementation

Procedure of a Mueller.legal data protection impact assessment

  • We check whether you need a DPIA at all

    We then evaluate the current measures and see where there is a need for action. We remain in constant communication with you and the IT team in order to respond to your needs.

  • We examine the current risks

    We summarize the results from the first phases in a comprehensive audit report. This contains tailored recommendations for action and checklists as well as templates for all documentation required by the GDPR.

  • We look for remedial measures together

    Once you receive our report, it's time for implementation: you implement the necessary measures, train your team and adapt processes if necessary. We will continue to support you if you have any questions.

  • We check the risks for remedial measures

    Once you receive our report, it's time for implementation: you implement the necessary measures, train your team and adapt processes if necessary. We will continue to support you if you have any questions.

Book Mueller.legal data protection impact assessment now

  • Full price control
  • Comprehensive support
  • Child-friendly implementation
Free initial consultationFree initial consultation
  • Full price control
  • Comprehensive support
  • Child-friendly implementation

When do I have to carry out a data protection impact assessment?

This decision can be complex in individual cases and require the assessment of an experienced lawyer. In principle, the following guidelines apply:

Art. 35 para. 3 GDPR stipulates that a data protection impact assessment is required in these three cases in particular:

  • systematic and comprehensive assessment of personal aspects
  • extensive processing of special categories of personal data or personal data relating to criminal convictions and offenses
  • systematic and extensive monitoring of publicly accessible areas

 

In addition, the Data Protection Conference has drawn up a so-called Black List, which specifies the processing activities for which a DPIA must be carried out. This includes, in particular, processing operations with these nine relevant criteria:

  • Confidential or highly personal data
  • Data relating to vulnerable data subjects
  • Data processing on a large scale
  • Systematic monitoring
  • Innovative use or application of new technological or organizational solutions
  • Evaluation or grading (scoring)
  • Matching or merging data records
  • Automated decision-making with legal effect or similarly significant effect
  • Affected persons are prevented from exercising a right or using a service or performing a contract

Can I carry out a data protection impact assessment on my own?

Of course, you can also carry out a data protection impact assessment on your own using the many free checklists and samples. This saves money at first, but also costs a lot of time. This is because the GDPR and the extensive case law are not so easy to keep track of without prior knowledge.

Even if you have a good technical team at your disposal, they will usually not have the necessary legal expertise. With so many processing operations and risks to keep track of, a DPIA can quickly overwhelm a layperson. In the worst case scenario, you could save money by carrying out the data protection impact assessment, but receive a hefty bill in the form of fines or claims for damages. This can be avoided by involving lawyers.

Nothing can go wrong with the Mueller.legal team

In addition to our legal expertise, we also have sufficient technological know-how. As a LegalTech law firm, we have a good overview of what is technically possible and legally justifiable. Our team is TÜV-certified and has years of experience in data protection and intellectual property law.

Our mission: to make data protection simple and effective for everyone involved. In addition to excellent advice, cost efficiency is also important. We make sure that together we find a solution that makes you and your team happy and that you no longer have to worry about data protection issues.

Book Mueller.legal data protection impact assessment now

  • Full price control
  • Comprehensive support
  • Child-friendly implementation
Free initial consultation
  • Full price control
  • Comprehensive support
  • Child-friendly implementation

What remedial measures are conceivable?

If there are significant risks that are unacceptable in view of the data being processed, you must find suitable remedial measures. These can be of a technical, organizational or contractual nature (so-called TOM).

The most effective are technical measures, such as

  • Relocation to European servers

What data protection risks may exist?

Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Aenean commodo ligula eget dolor. Aenean massa. Cum sociis natoque penatibus et magnis dis parturient montes, nascetur ridiculus mus. Donec quam felis, ultricies nec, pellentesque eu, pretium quis, sem. Nulla consequat massa quis enim. Donec pede justo, fringilla vel, aliquet nec, vulputate eget, arcu.

What remedial measures are conceivable?

If there are significant risks that are unacceptable in view of the data being processed, you must find suitable remedial measures. These can be of a technical, organizational or contractual nature (so-called TOM).

The most effective are technical measures, such as

  • Relocation to European servers

Expertise in data protection law

Lawyer Peter Weiler is your contact person for data protection at our law firm. Mr. Weiler supports you in the context of data protection issues.

Free initial consultation