HomeExpertiseData Protection

Data Protection

Broad-based expertise in all areas

Over recent years, data protection has increasingly become the focus of public attention. Ongoing digitalization is fuelled by data, and optimizing the use of new technical opportunities in collecting and analysing information is crucial to competitiveness. At the same time, fundamental reforms to data protection law have placed firm limits on the permissibility of processing personal data, set high requirements as to how companies organize their data protection, and threaten tough penalties in the event of legal breaches. Thus, data protection compliance constitutes one of the key risk avoidance strategies for companies.

As a full service law firm, we have for many years taken an integrated approach in advising German and foreign companies on data protection and its interfaces with all relevant legal areas, including IT, corporate, antitrust and employment law.

JUVE Handbuch 2020/2021
“Clients praise level of cooperation and confirm that the advice provided by the entire team 'always considers a matter from all perspectives'“

Data protection and compliance structures

EU data protection law places special demands on companies regarding data protection management and organization. We develop tailor-made compliance programmes to minimize the risk of fines. And we advise on how to implement the General Data Protection Regulation, supporting companies in making the necessary modifications to their data protection organization and infrastructure.

...
More

On behalf of our clients, we review organisational structures and documentation processes and develop data protection guidelines, declarations of consent and company guidelines that exactly fit our clients’ needs. We also offer our clients training sessions (face-to-face or online) in implementing in-company data protection compliance rules in order to strengthen awareness within the company.

Less

Securing internal investigations and whistleblowing systems under data protection law

We assist companies in internal investigations to clarify compliance violations and in reacting to such violations. This includes handling employees’ personal data in a legally sound and practical manner, organizing and ensuring legal compliance in evaluations of email communication, and checking the permissibility of data transfer to group companies and public authorities in states outside the EU.

...
More

We also shape internal whistleblowing systems to comply with data protection laws, both in Germany and internationally, and negotiate the necessary rules  with employee representatives.

Less

Data protection advice on IT projects and cloud computing

Our clients profit from our many years of experience in dealing with all kinds of major IT projects. In data protection, we advise on IT outsourcing, on migrating IT functions to the cloud, and on transitional service agreements in the framework of transactions, for example.

...
More

For IT product and service providers as well as for their customers, we structure the requisite data protection agreements and terms of use, e.g. for commissioned data processing agreements and remote servicing of IT systems.

Less

Data protection in employment law

Digitalization is changing the world of work faster than the legal framework of employment law is changing. In companies with works councils, we negotiate how digitalized processes will be introduced and how technical opportunities in staff monitoring can be handled in an up-to-date manner. Additionally, we advise companies on using their systems such as email and internet as well as on matters like bring your own device or home offices and the relevant aspects of employment and data protection law.

Data protection in the healthcare sector (sensitive data)

For the healthcare sector, digital progress means major opportunities as well as special data protection challenges given the highly sensitive nature of health data and genetic information.

...
More

We advise healthcare sector players such as statutory health insurance funds, drug and medical device manufacturers, pharmacies, trade associations, ambulatory healthcare centres and clinic groups on all relevant legal issues. These include IT outsourcing projects, research initiatives (including use of big data analyses and biobanks), transactions, and structuring online presence.

Less

Cross-border data exchange / data transfers within the group

We advise our clients in Germany and abroad on all issues raised by cross-border exchange of personal data, such as in connection with transactions or where global customer or staff databases are planned, in connection with telematics, on data transfer within corporate groups etc.

Global reach

Internationally, our clients profit from integrated advice from our international network on various data protection rules outside of Germany. In cases extending across jurisdictions, we work together with top international law firms on a steady basis of trust, offering a one-stop shop for optimal advice on each case.

News
07.04.2022
Gleiss Lutz advises medatixx on the acquisition of Softland
More
17.11.2021
Gleiss Lutz advises Nova on the acquisition of ancosys
More
19.10.2021
Gleiss Lutz advises ASML on the sale of Berliner Glas Medical and SwissOptic to JENOPTIK AG
More
11.06.2021
Gleiss Lutz advises MitrAssist on Series B financing round for medical technology startup AdjuCor
More
All
Know-How
05.04.2022
Dealing with personal data in cross-border compliance investigations
More
09.03.2022
Commission’s proposal for the Data Act
More
23.02.2022
Data in the financial sector
More
08.06.2021
New EU standard contractual clauses for the transfer of data to third countries – what companies now need to do
More
All
Contact Person
Dr. Stefan
Weidert
Call
Dr. Christian
Hamann
Call
Dr. Katrin
Haußmann
Call
Experts
Um diese Web-App auf Ihrem Homescreen zu speichern, klicken Sie bitte auf „Zum Home-Bildschirm“
Um diese Web-App auf Ihrem Homescreen zu speichern, klicken Sie bitte auf „Zum Startbildschirm zufügen“