Luther Rechtsanwaltsgesellschaft mbH in Regenbogenfarben
DE EN
Two professionals engage in a conversation by large windows. The man is wearing glasses and a dark suit, while the woman, smiling, has long red hair and is dressed in a dark blazer. They share a friendly, collaborative demeanor in a bright, modern space.
Data Protection Law

Our range of advisory services

In an era where data is considered the “new gold”, your personal information and your customers’ privacy are more than just digital currency – they form the basis of trust between you and your customer base. This is why legal advisors play a central part in the digital revolution: they must build a bridge between the dynamic landscape of innovation and the solid ground of data protection. Our expertise in data protection law paves the way for your company to make full use of the opportunities presented by the digital world without compromising the confidentiality and security of data.

The increasing integration of technologies such as cloud computing, big data and artificial intelligence into everyday business life raises a flood of questions regarding legal issues. It’s not just about navigating strict regulations like the EU General Data Protection Regulation (GDPR) or the German Federal Data Protection Act (BDSG), but also about developing a robust data protection strategy that protects your company from potential risks whilst maximising the value of your services.

Our specialised team not only offers sound advice on current legislation, but can also support you by coming up with pragmatic and future-oriented solutions that are tailored to your company’s specific needs. We can guide you through the regulatory jungle and help you develop a data protection strategy that is both innovative and compliant. In doing so, we always keep our finger on the pulse of time and update our strategies in line with the latest rulings and regulations to ensure that you are always one step ahead.

Working with you, we develop data protection solutions which, in addition to being in conformity with the legal framework, are also conducive to your business objectives. Whether it’s a matter of secure international data transfers or of implementing data protection-friendly technology, our goal is to make your business processes seamless and secure. With a clear vision for the future and a firm understanding of the present, we are committed to helping your company navigate the digital landscape successfully, always using data protection as a compass.

Read more Read less

  • Advising on all matters pertaining to data protection law, particularly taking into account the special requirements in the public sector
  • Advising on organising matters in a data protection compliant way and on maintaining such organisation
  • Defending against claims for information and damages with the protection of personal data in mind

  • Providing comprehensive data protection law advice for national and international companies and for internal data protection officers
  • Appointment as an external data protection officer and providing support as such
  • Advising on introducing and implementing organisational data protection rules and procedures
  • Advising on introducing data protection compliant business models and processes
  • Advising on carrying out data protection impact assessments, e.g. in connection with the introduction of Microsoft 365, video surveillance or big data applications
  • Drafting and updating relevant documents under data protection law, such as data protection policies, data protection notices or agreements
  • Advising on setting up, implementing and maintaining a data protection compliance system in the company
  • Providing representation vis-à-vis data protection supervisory authorities
  • Advising on risk management in the event of data protection incidents
  • Providing representation in judicial disputes regarding breaches of data protection law
  • Carrying out national and international data protection audits

  • Carrying out a complete survey and audit of compliance management systems (based largely on the PS 981 audit standard)
  • Analysing the existing data protection management
  • Examining existing processes for whether they meet the requirements under data protection law
  • Advising on introducing a new, data protection compliant data protection management system
  • Examining processes, policies and other procedures for their conformity with the GDPR
  • Drafting and updating data protection management records and other documentation

  • Advising, for example, on introducing whistleblowing programmes, human resource or assessment systems at national and international levels
  • Advising on drafting and negotiating works agreements on the basis of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG)
  • Training courses and data protection workshops (e.g. employee workshops)

  • Data protection-compatible design when using new technologies, such as AI applications, smart home, car data or health apps
  • Transactional advice (GDPR-compliant due diligence and integration / merger of companies)
  • Advising on setting up websites, online shops and cookie walls and on using tracking and analysis tools

  • Advising regarding cross-border data processing both for intra-group data exchange and with external parties
  • Drafting and negotiating the necessary agreements (group data privacy framework agreements)
  • Advising on introducing EU standard contractual clauses and binding corporate rules (BCRs)
  • Carrying out national and international data protection audits
  • Assisting with transfer impact assessments
  • Analysing actual international data transfers and advising on the conclusion of data protection compliant agreements
  • Identifying intra-group transfers and helping draft contractual clauses containing additional guarantees

  • Advice in the implementation of the EU Data Act
  • Support regarding the B2B- and B2C data provision
  • Advice on interoperability- and cloud switching regulations
  • Advice on the protection of business secrets
  • Support regarding the implementation of “Data Access by Design” for linked products
  • Development of tailored Data Sharing Agreements as well as review and amendment of existing cloud agreements
  • Designing internal processes for efficient and legally compliant processing of data access requests
  • Risk analysis and advice regarding the deployment of standard contractual clauses
  • Legal representation in regulatory- and dispute proceedings

  • Legal assessment and update of Data Privacy- and IT Security Management
  • Regular monitoring and update of internal guidelines, emergency procedures and checklists
  • Training on data privacy and IT security
  • Immediate analysis of cyber attacks and assessment of legal consequences
  • Preparation of notifications to authorities and data subjects
  • Examination and initiation of claims for damages and legal action
  • Development of strategies to defend against potential claims for damages by third parties
  • Examination and enforcement of claims against insurers
  • Defence against claims for damages and class actions

  • Conducting AI compliance audits for the legal and regulatory review of AI initiatives, particularly in the areas of data protection, copyright, consumer protection, labour law and EU law
  • Conducting AI compliance audits for the legal and regulatory review of AI initiatives, particularly in the areas of data protection, copyright, consumer protection, labour law and EU law
  • Development of data protection strategies for AI systems
  • IP strategy consulting for AI to develop a comprehensive protection concept for AI technologies and products
  • Development of tailor-made contract drafts and support throughout the entire negotiation process
  • Regulatory advice for AI development and deployment
  • Risk analysis and -management for AI applications
  • AI start-up consulting, including IP strategy development, compliance reviews and financing advice
  • Advice on liability issues in the event of AI errors and preventive identification of potential risk areas
  • Training and workshops regarding AI law

 

 

Key Contacts
Silvia C. Bauer
Silvia C. Bauer
Partner | Lawyer
+49 221 9937 25789
E-Mail Icon
Dr Stefanie Hellmich, LL.M.
Dr Stefanie Hellmich, LL.M.
Partner | Lawyer
+49 69 27229 24118
E-Mail Icon
Dr Michael Rath
Dr Michael Rath
Partner | Lawyer
+49 221 9937 25795
E-Mail Icon
Dr Kay Oelschlägel
Dr Kay Oelschlägel
Partner | Lawyer
+49 40 18067 12175
E-Mail Icon
Newsroom Data Protection Law
A blurred hospital corridor with soft lighting. A healthcare professional in a white coat stands by a door, suggesting an environment focused on medical care. The atmosphere conveys a sense of clinical activity and support.

Healthcare: Luther supports the state of Brandenburg in establishing the Medical University of Lusatia

01.07.2024 | PR
Three professionals engage in a discussion in a well-lit office with large windows showcasing a cityscape. One person holds a tablet, while the others appear to be sharing ideas. A pair of glasses is placed in the foreground, emphasizing a scholarly or business context.

Luther advises AG Capital on partnership with Layenberger Nutrition Group GmbH

15.02.2024 |
A group of professionals in a meeting room is depicted, with four individuals visible from the back. They are engaged in discussion, facing a table with documents. The environment is modern and bright, creating a collaborative atmosphere.

Acquisition of an international management consultancy: Luther advises Vocatus on the sale of all shares to Accenture

19.01.2024 |
Three glasses of beer are arranged on a wooden surface, featuring a light lager, an amber ale, and a dark stout, each topped with a frothy head. Surrounding the glasses are fresh hop cones and barley, enhancing the scene's focus on beer brewing.

Brewery group Haus Cramer on course for growth: Luther advises on participation in online beer trade

06.09.2023 | PR
Logo of "The Legal 500" featuring the text prominently. The background is a solid color, creating a bold and striking visual. The design emphasizes legal services and professional recognition.

The Legal 500 Germany – Luther again in the Top Tier twice

27.01.2022 | PR
Team Data Protection Law
Silvia C. Bauer

Silvia C. Bauer

Partner

Cologne

Dr Maximilian Dorndorf

Dr Maximilian Dorndorf

Partner

Essen

Adrian Freidank

Adrian Freidank

Counsel

Cologne

István Fancsik, LL.M. (London)

István Fancsik, LL.M. (London)

Senior Associate

Essen

Jonny H. Giessel

Jonny H. Giessel

Senior Associate

Frankfurt a.M.

Dr Stefanie Hellmich, LL.M.

Dr Stefanie Hellmich, LL.M.

Partner

Frankfurt a.M.

Dr Lea Hachmeister

Dr Lea Hachmeister

Senior Associate

Frankfurt a.M.

Julia Hartung, Maîtrise en Droit

Julia Hartung, Maîtrise en Droit

Senior Associate

Singapore

Felix Hielscher

Felix Hielscher

Senior Associate

Stuttgart

Laura Hoffmann, LL.M. (Dresden/London)

Laura Hoffmann, LL.M. (Dresden/London)

Senior Associate

Frankfurt a.M.

Johannes Klausch, LL.M. (London)

Johannes Klausch, LL.M. (London)

Partner

Berlin

Elisabeth Kohoutek

Elisabeth Kohoutek

Partner

Frankfurt a.M.

Dr Maximilian Kressner, M.Jur. (Oxford)

Dr Maximilian Kressner, M.Jur. (Oxford)

Partner

Singapore

Christian Kuß, LL.M.

Christian Kuß, LL.M.

Partner

Cologne

Niccolo Langenheim, LL.M.

Niccolo Langenheim, LL.M.

Senior Associate

Cologne

Iris López Martínez, LL.M.

Iris López Martínez, LL.M.

Senior Associate

Berlin

Dominik Menhaj

Dominik Menhaj

Senior Associate

Hamburg

Franziska Maier, LL.M. (UCLA)

Franziska Maier, LL.M. (UCLA)

Associate

Stuttgart

Anna-Laura Martens

Anna-Laura Martens

Associate

Berlin

Alina Moers

Alina Moers

Associate

Cologne

Franziska Neugebauer

Franziska Neugebauer

Senior Associate

Cologne

Dr Kay Oelschlägel

Dr Kay Oelschlägel

Partner

Hamburg

Michelle Petruzzelli

Michelle Petruzzelli

Senior Associate

Cologne

Quy Le, LL.M.

Quy Le, LL.M.

Counsel

Ho Chi Minh City

Dr Michael Rath

Dr Michael Rath

Partner

Cologne

Dr Christian Rabe

Dr Christian Rabe

Counsel

Hamburg

Dr Florian Rockenbach

Dr Florian Rockenbach

Counsel

Munich

Dr Manuel Rueß

Dr Manuel Rueß

Associate

Hamburg

Leif Dustin Schneider

Leif Dustin Schneider

Counsel

Ho Chi Minh City

Dr Clara Schulze Velmede

Dr Clara Schulze Velmede

Associate

Leipzig

Deike Tamm

Deike Tamm

Associate

Frankfurt a.M.

Marc Theiner

Marc Theiner

Associate

Singapore

Pierre Daniel Wittmann

Pierre Daniel Wittmann

Senior Associate

Frankfurt a.M.

Clara von Wolffersdorff

Clara von Wolffersdorff

Associate

Leipzig

Awards
Legal500 Top Tier 2026
Chambers Europe 2025
Legal500 Top Kanzlei 2025
The Lawyer European Awards 2024 - Law Firm of the Year: Germany
Juve Awards 2024 - "Law Firm of the Year Regulatory Law"
Chambers Europe 2024
Legal500 Top Kanzlei 2024
Legal500 Green Guide EMEA 2024
Juve Awards 2023 - "Law Firm of the Year Public Procurement"
Juve Awards 2023 - "Law Firm of the Year Distribution, Trade & Logistics"
Chambers Europe 2023
Legal500 Top Tier 2023
Juve Award 2022 - "Kanzlei des Jahres Südwesten"
azur Award 2022
Chambers Europe 2022
Legal500 Top Tier 2022
European Law Firm of the Year
Chambers EUR 2021
Legal 500 Top Tier 2021
PMN Management Awards 2020
PMN Management Awards 2020
Chambers EUR 2020
Legal Tech Kanzlei
Legal 500
Juve Award 2019 - "Law Firm of the Year 2019"
PMN Management Awards 2019