Digital Future

Data Protection

Broad-based expertise in all areas

Over recent years, data protection has increasingly become the focus of public attention. Ongoing digitalization is fuelled by data, and optimizing the use of new technical opportunities in collecting and analysing information is crucial to competitiveness. At the same time, fundamental reforms to data protection law have placed firm limits on the permissibility of processing personal data, set high requirements as to how companies organize their data protection, and threaten tough penalties in the event of legal breaches. Thus, data protection compliance constitutes one of the key risk avoidance strategies for companies.

As a full service law firm, we have for many years taken an integrated approach in advising German and foreign companies on data protection and its interfaces with all relevant legal areas, including IT, corporate, antitrust and employment law.

JUVE Handbuch 2017/2018
“Broad-based expertise”

Data protection and compliance structures

EU data protection law places special demands on companies regarding data protection management and organization. We develop tailor-made compliance programmes to minimize the risk of fines. And we advise on how to implement the General Data Protection Regulation, supporting companies in making the necessary modifications to their data protection organization and infrastructure. ...On behalf of our clients, we review organisational structures and documentation processes and develop data protection guidelines, declarations of consent and company guidelines that exactly fit our clients’ needs. We also offer our clients training sessions (face-to-face or online) in implementing in-company data protection compliance rules in order to strengthen awareness within the company.

Securing internal investigations and whistleblowing systems under data protection law

We assist companies in internal investigations to clarify compliance violations and in reacting to such violations. This includes handling employees’ personal data in a legally sound and practical manner, organizing and ensuring legal compliance in evaluations of email communication, and checking the permissibility of data transfer to group companies and public authorities in states outside the EU. ...We also shape internal whistleblowing systems to comply with data protection laws, both in Germany and internationally, and negotiate the necessary rules  with employee representatives.

Data protection advice on IT projects and cloud computing

Our clients profit from our many years of experience in dealing with all kinds of major IT projects. In data protection, we advise on IT outsourcing, on migrating IT functions to the cloud, and on transitional service agreements in the framework of transactions, for example. ...For IT product and service providers as well as for their customers, we structure the requisite data protection agreements and terms of use, e.g. for commissioned data processing agreements and remote servicing of IT systems.

Data protection in employment law

Digitalization is changing the world of work faster than the legal framework of employment law is changing. In companies with works councils, we negotiate how digitalized processes will be introduced and how technical opportunities in staff monitoring can be handled in an up-to-date manner. Additionally, we advise companies on using their systems such as email and internet as well as on matters like bring your own device or home offices and the relevant aspects of employment and data protection law.

Data protection in the healthcare sector (sensitive data)

For the healthcare sector, digital progress means major opportunities as well as special data protection challenges given the highly sensitive nature of health data and genetic information. ...We advise healthcare sector players such as statutory health insurance funds, drug and medical device manufacturers, pharmacies, trade associations, ambulatory healthcare centres and clinic groups on all relevant legal issues. These include IT outsourcing projects, research initiatives (including use of big data analyses and biobanks), transactions, and structuring online presence.

Cross-border data exchange / data transfers within the group

We advise our clients in Germany and abroad on all issues raised by cross-border exchange of personal data, such as in connection with transactions or where global customer or staff databases are planned, in connection with telematics, on data transfer within corporate groups etc.

Global reach

Internationally, our clients profit from integrated advice from our international network on various data protection rules outside of Germany. In cases extending across jurisdictions, we work together with top international law firms on a steady basis of trust, offering a one-stop shop for optimal advice on each case.

Data Protection News
27.03.2019
Gleiss Lutz advises Zoosk on acquisition by Spark Networks
More
27.12.2018
Gleiss Lutz advises gkv informatik on successful outsourcing of its IT data centre and other IT services
More
20.08.2018
Gleiss Lutz advises investors on the acquisition of Freeletics
More
10.06.2015
Gleiss Lutz advises KKR on the acquisition of Bayer’s Diabetes Care business
More
All
Know-How
01.02.2019
European Data Protection Supervisor: GDPR not an obstacle to disclosing personal information to EU investigating authorities
More
17.04.2018
Internal Investigations and Data Protection
More
05.03.2018
The 2018 coalition agreement – data protection: Harmonisation, digitalisation and innovation
More
All
Contact Person
Um diese Web-App auf Ihrem Homescreen zu speichern, klicken Sie bitte auf „Zum Home-Bildschirm“
Um diese Web-App auf Ihrem Homescreen zu speichern, klicken Sie bitte auf „Zum Startbildschirm zufügen“