Verarbeitungstätigkeiten - Was gibt es zu beachten?

Processing activities – what should be considered?

“More paperwork, more documentation. That is just a hindrance and does not help anyone ”. Most likely react in this way or something similar when it comes to keeping a record of the processing activities that, according to Article 30 GDPR, must be kept in every organization and company as soon as personal data is processed. Article 83 GDPR creates an additional “monetary incentive” to act. Who would like to receive a fine because data protection has not been complied with? The loss of image due to publications is often greater than the resulting financial damage.
Read more

Datenschutzrechtliche Risikofaktoren - DSGVO-Bußgelder bei nicht Einhaltung dieser Regelungen

Data protection risk factors: former employees and dissatisfied customers

In the day-to-day work of a data protection officer, you have to do a lot of persuading and repeatedly fight for compliance with the GDPR. Companies often shy away from costs and effort when making necessary adjustments. Business leaders generally question the GDPR, the demands of which are far too exaggerated. In the following we take a closer look at the topic of “data protection risk factors”:
Read more

Web-Checks - DSGVO-Check - Ist ihre Website Sicher?

GDPR check – is your website GDPR compliant?

Could you safely say that your website is compliant with data protection regulations? Because anyone looking for data protection deficiencies on the Internet will quickly find what they are looking for. Everything is included, from the inadequate cookie banner to the poorly accessible data protection declaration. But what is the cause of this? Do companies not want to meet their legal obligations or do they not even know that they are doing something wrong? You can find out in our GDPR check!
Read more

GDPR fine against H&M: € 35.3 million

The Swedish fashion brand H&M is said to pay a fine of 35.3 million euros for spying on employees. Hundreds of employees at the service center in Nuremberg are said to have been monitored. The Hamburg commissioner for data protection, Johannes Caspar, justified the decree on Thursday. Read the blog article to learn more about the GDPR fine against H&M.

Read more

EU-US Privacy Shield durch EuGH gekippt - Datenschutz - DSGVO - IT-Sicherheit - BDSG neu - Daten - Personenbezogene Daten

“EU-US Privacy Shield” overturned by the ECJ

The fact that the ECJ overturned the EU-US Privacy Shield with its judgment has far-reaching consequences, especially for data transfer to the USA:

Affected are e.g. all apps, software programs and service providers with storage location USA or remote maintenance from USA!

Read more

Auskunftsanspruch nach Art. 15 DSGVO im Beschäftigungsverhältnis - Datenschutz - DSGVO - Daten - Personenbezogene Daten - Anspruch - Beschäftigtenverhältnis

Right to information according to Art. 15 GDPR in the employment relationship

In another blog article we have already dealt with the basic and generally applicable conditions of the right to information according to Art. 15 GDPR. Today’s post and the accompanying video are dedicated to the right to information in a special situation – Art. 15 GDPR in employment.

Read more

Auskunftsanspruch nach Art. 15 DSGVO im Beschäftigungsverhältnis - Datenschutz - DSGVO - Daten - Personenbezogene Daten - Anspruch - Beschäftigtenverhältnis

The right to information according to Art. 15 GDPR – the fundamental right for data subjects

The General Data Protection Regulation not only lays down obligations for data processing companies, but also addresses persons affected by data processing directly and grants them extensive rights. When it comes to the right to information, there are important points to consider for companies. In this blog article and the accompanying video you will find out what you have to consider when it comes to the right to information under Art. 15 GDPR.

Read more

Datenschutz im Marketing

Google Analytics – Shared Responsibility

As one of the most widely used tools for website operators, extensive statistical evaluations of website usage can be carried out with Google Analytics.

For this reason, the German data protection supervisory authorities saw themselves prompted at the data protection conference on May 12, 2020 to resolve and publish new information on the use of Google Analytics.

Read more


Employee data protection: Police clearance certificate – What must the employer consider?

Many employers have an interest in receiving a police clearance certificate from their applicants and future employees to check whether they have already had a criminal record. But is that even permissible? We will explain this fact in this article.

Read more

Anniversary: 2 years GDPR

On May 25, 2018, the GDPR came into force and caused a lot of dust in some companies. The excitement was great back then, but it has now subsided. Many detailed questions that were still open in 2018 have been clarified. Other problems are still waiting for a clear positioning by the supervisory authorities or a court decision. We look back on the past 2 years and highlight some highlights in data protection.

Read more