von Nadja-Maria Becke

According to the concept of Art. 6 Para. 1 GDPR, all possible legal bases for data processing are equally valid. When examining the legality of data processing, the necessity to execute a contract (Art. 6 Paragraph 1 lit. . f GDPR). Nevertheless, the data protection law approval according to Art. 6 Para. 1 lit. a GDPR continues to be popular and is often viewed as the legal basis of choice.

However, if you would like data processing in your company to be based on consent, a few important points must be observed. Particularly with the supposedly easy-to-use declaration of consent, problems lurk in detail which, if not observed, can lead to unlawful data processing.

Read more …

von Nadja-Maria Becke

The so-called “Schrems2” judgment of the ECJ, with which the US-EU Privacy Shield was overturned, is currently stirring up data protection officers and companies. In the video you can find out everything you currently need to know about the EU-US Privacy Shield. We’ll also tell you what to look out for in the company!

Read more …

von Rainer Aigner

It took a long time, but now it actually happened that the Austrian lawyer Max Schrems brought the data transfer to the USA before the ECJ again. He was right again. The so-called “Schrems2” judgment of the ECJ, with which the US-EU Privacy Shield was overturned, is currently stirring up data protection officers and companies. In our blog article and video you will find out everything you currently need to know about EU-US privacy. We’ll also tell you what to look out for in the company!

Read more …

von Rainer Aigner

The fact that the ECJ overturned the EU-US Privacy Shield with its judgment has far-reaching consequences, especially for data transfer to the USA:

Affected are e.g. all apps, software programs and service providers with storage location USA or remote maintenance from USA!

Read more …

von Nadja-Maria Becke

According to the General Data Protection Regulation, companies that are part of a group are not treated as uniformly responsible, but as independent group companies. There is therefore no group privilege. A separate justification is therefore required for each data transfer between the group companies, which must comply with the principles of the General Data Protection Regulation.

Read more …

von Nadja-Maria Becke

In another blog article we have already dealt with the basic and generally applicable conditions of the right to information according to Art. 15 GDPR. Today’s post and the accompanying video are dedicated to the right to information in a special situation – Art. 15 GDPR in employment.

Read more …

von Nadja-Maria Becke

The General Data Protection Regulation not only lays down obligations for data processing companies, but also addresses persons affected by data processing directly and grants them extensive rights. When it comes to the right to information, there are important points to consider for companies. In this blog article and the accompanying video you will find out what you have to consider when it comes to the right to information under Art. 15 GDPR.

Read more …

von Tobias Damasko

Data errors should cost the AOK Baden-Württemberg a fine of 1.2 million euros.

Read more …

von Das Team der aigner business solutions GmbH

More and more companies are striving to improve information security in their own company. To meet this challenge, organizations rely on the establishment of an information security management system, or ISMS for short. In order for such a project to be implemented successfully, various aspects must be taken into account before the introduction, which the responsible persons must be made aware of. Find out more about the importance of an ISMS for your company in this blog article and our YouTube video.

Read more …

von Nadja-Maria Becke

You can now see them more and more often, the data protection information posted for customers. In order to fulfill the obligation of Art. 13 and Art. 14 GDPR, many retailers, but also medical practices, use the possibility of a notice in the business premises. In these documents, the basic data processing conditions of the respective company are then communicated to interested customers, sometimes more or less in detail.

Read more …