Advertising and Data Protection

Information processing about services and products is a regular feature of sale promoting measures in enterprises. If promotional measures are used on selected, private target groups, data protection requirements need to be considered for the realization of these promotional measures. Many questions concerning the data protection conformity of the promotional measures need to be answered […]

Details …

Online advertising

The internet as a media for advertising is very popular, for where many people spend their time, advertising is highly attractive. However, the internet is not an area not regulated by law, hence every action of a person online may have consequences according to civil law and criminal law. Thus the question rises, what rules […]

Details …

Video Surveillance

The surveillance via optical electronic installations is becoming more important, especially video surveillance in companies. There are many different motives for companies to monitor specific areas in the company via CCTV. Considering a possible infringement of the right of informational self-determination and further data protection codes, for the evaluation of the admissibility of a video […]

Details …

Internal Data Protection Commissioners

Our law firm supports internal data protection commissioners by clarifying legal questions about privacy and the creation of for example contracts, policies, operating systems and user agreements. Furthermore, we provide training for internal data protection commissioners or employees of the company. The services of the law firm in providing assistance and training of internal data […]

Details …

Protection of Social Data

Social institutions, e.g. child and youth welfare services and information centers, collect, process and use a multitude of personal data. Many of this personal data are sensitive data and therefore need to be classified in regard to data protection. In the area of social privacy, a huge data exchange is taking place between the social […]

Details …

Radio Frequency Identification (RFID)

The radio frequency identification (RFID) denotes a microchip technology that allows it to touch objects without direct contact. These chips are scanned and powered by means of radio transmission technique. The received data, e.g. on products, can be transferred automatically to a downstream IT system. This technology can be seen as a supplement to the […]

Details …

Data Protection Law of the Catholic Church (KDG)

In the field of data protection law, the Catholic Church has given orders about the church data protection (KDG).We function as external data protection commissioner for enterprises and organizations being subordinated to an agency of the Catholic Church, such as administration, hospitals, academies, supporting work, and child and youth welfare services. The following services are […]

Details …

Data Protection Law of the Prostestant Church (DSG-EKD)

The data protection law of the Protestant Church in Germany (DSG-EKD) is applied to the data protection within the field of agencies of the Protestant Church, hence in their enterprises and organizations. We function as external data protection commissioner for enterprises and organizations being subordinated to an agency of the Protestant Church, such as administration, […]

Details …

International data transmisson

International companies transfer personal data, e.g. applicant data from subsidiary companies in Germany to the USA, from support center to support center (follow the sun) or to service partners resident in third countries, who process personal data under contract. The applications are diverse, and the data transmission, too, can occur over a number of data […]

Details …

Medical Privacy

Medical privacy finds application in hospitals, medical organizations, and medical practices. Besides the doctor-patient privilege, several regulations need to be observed. The states have legislated hospital acts, and these legal norms and directives are to be transposed as well. The creation of a privacy compliant hospital administration and the protection of patient data in ward […]

Details …

Geotagging

There are many services that enable a geotagging of the residence of the user. The so called geotagging can take place via the allocated IP address by the internet provider or via the mobile communications network. Finding out the position of an internet or mobile phone user can be very attractive for a company for […]

Details …

Data Protection Audit

Our law firm offers you the carrying out of data protection audit. Attorney Thomas Costard is an examined data protection auditor […]

Details …

Data Protection in Social Networks

The increase of multi-media influences and the urge for permanent communication in our society support the increasing popularity of social networks. Facebook, WhatsApp, Twitter, Instagram or XING and the like are meanwhile used in private as well as in job-related areas. The constant extension of the possibilities of social interaction allows it to upload all […]

Details …

Data Protection in Educational Institutions and Schools

A lot of data is collected, processed and used in educational institutions and schools. The persons affected in the field of application of data protection in educational institutions and schools are pupils, parents, teachers, administrative officers, and the school administration. A lot of privacy compliant requirements need to be noted both with the organization of […]

Details …

Cloud Computing

Providers of IT services allowing companies to draw on perfect IT processes, enjoy great popularity. Generally speaking of Cloud Computing, we differentiate between IaaS (Infrastructure as a Service), containing the provision of computing power and storage space, PaaS (Platform as a Service), the provision of development platforms, and SaaS (Software as a Service), containing the […]

Details …

Bring Your Own Device (BYOD)

The safe and data protection compliant use of private terminal equipment for operational purposes is a challenge for both employees and the company itself. The use of staff’s private terminal equipment provides further risks for the company which need to be avoided by appropriate precautions by the latter. The information about possible threats, which may […]

Details …

Order processing

The outsourcing of computing processes to service (external) providers being not related to the company, is a process, which needs a verification for reasons of data protection according to the agreement on order processing. The area of responsibility of an external data protection commissioner implies the control of agency contracts from controller engaging external service […]

Details …