Dr Stefanie Hellmich, LL.M.

Dr Stefanie Hellmich, LL.M.

Dr Stefanie Hellmich, LL.M.

Frankfurt a.M.

T +49 69 27229 24118

Industries Information Tech & Telecommunications

Areas of practice

Dr Stefanie Hellmich specialises in IT and data protection law and the protection of industrial property rights. She advises companies on questions of law related to digitalisation and helps them draft and negotiate contractual and business terms and conditions. In the area of FinTech, this includes, in particular, providing advice on outsourcing projects, cooperation agreements and platforms. In the area of data protection law, Stefanie Hellmich provides comprehensive assistance with implementing the EU General Data Protection Regulation and with data protection compliance issues, including international data transfers.


Dr Stefanie Hellmich finished her degree at the University of Bielefeld (Germany) in 1994, completed a “Master de Derecho de la Unión Europea” degree at Carlos III University in Madrid (Spain) in 1995, and was admitted to the German Bar in 1998. After working at Deutsche Morgan Grenfell in Sydney (Australia) and at Garrigues Andersen in Madrid, she joined Luther’s predecessor firm in 1998 and has remained with the firm ever since.

Honors and distinctions
  • Chambers FinTech Guide 2024: Ranking in "Legal", Band 4 (first ranking in 2021, "She is easy to work with, sticks to deadlines and is pragmatic in her approach.")
  • The Legal 500 Germany 2024: Award "Leading Name" in the category "Information Technology - Data Protection" (first award in 2022, first mention in 2021) as well as recommendation in the category "Banking and Finance Law - Fintech" (first mention in 2021, "Very knowledgeable and an expert in the FinTech sector. Always available, even though she is very busy.") and mention in "City Focus - Frankfurt" 
  • The Legal 500 Germany 2021: "Next Generation Name" award in the category "Information Technology - Data Protection"
  • Best Lawyers 2025: Recommendation in "Data Security and Privacy Law" (first recommendation in 2021) and "Information Technology Law"

  • Providing data protection advice to a fibre optic network provider on contracts regarding the development, management and operation of a network, the distribution of Internet service provider connection contracts and network connection contracts
  • Drafting terms and conditions for end customers and cooperation partners and outsourcing contracts on behalf of an open banking deposit platform
  • Providing ongoing data protection and IT law advice to an online bank in connection with transactions to transfer the deposit and leasing businesses
  • Drafting Software-as-a-Service terms and conditions for e-vouchers on behalf of a trading platform
  • Drafting Software-as-a-Service terms and conditions on behalf of a provider of hardware-agnostic surgical software
  • Advising an internationally operating building material trading company on the introduction of SAP S/4HANA
  • Advising an internationally operating steel trading company on the introduction of the new EU standard contractual clauses from June 2021
  • Designing the data exchange relationships with OEMs and advising on a hyper ledger-based data exchange project on behalf of an internationally operating data analytics services provider
  • Drafting predictive maintenance Software-as-a-Service terms and conditions as part of an Industry 4.0 project
  • Providing legal assistance with a data protection impact assessment for a telematics product for a truck fleet
  • Advising on the data protection aspects of internal investigations in cases of suspected corruption on behalf of an internationally operating manufacturing company
  • Drafting terms and conditions for the use of streaming services on behalf of a German credit institution

Blog posts

She is a member of the German Association of Law and Informatics (Deutsche Gesellschaft für Recht und Informatik e.V. – DGRI), a co-author of the data protection law commentary Taeger/Gabel, DSGVO BDSG, and frequently publishes articles and gives lectures on topics related to IT and data protection law, for example, on mobile payment systems, usage of AI, data analytics and Big Data in the financial industry, outsourcing in the banking sector, and the implementation of the requirements stipulated in the EU General Data Protection Regulation and the proposed ePrivacy Regulation.