Dr Stefanie Hellmich, LL.M.
Areas of practice
Dr Stefanie Hellmich specialises in IT and data protection law and the protection of industrial property rights. She advises companies on questions of law related to digitalisation and helps them draft and negotiate contractual and business terms and conditions. In the area of FinTech, this includes, in particular, providing advice on outsourcing projects, cooperation agreements and platforms. In the area of data protection law, Stefanie Hellmich provides comprehensive assistance with implementing the EU General Data Protection Regulation and with data protection compliance issues, including international data transfers.
Vita
Dr Stefanie Hellmich finished her degree at the University of Bielefeld (Germany) in 1994, completed a “Master de Derecho de la Unión Europea” degree at Carlos III University in Madrid (Spain) in 1995, and was admitted to the German Bar in 1998. After working at Deutsche Morgan Grenfell in Sydney (Australia) and at Garrigues Andersen in Madrid, she joined Luther’s predecessor firm in 1998 and has remained with the firm ever since.
Honors and distinctions
- Chambers FinTech Guide 2025: Ranking in "FinTech Legal", Band 4 (first ranking in 2021, "She is easy to work with, sticks to deadlines and is pragmatic in her approach.")
- The Legal 500 Germany 2025: Award "Leading Name" in the category "Information Technology - Data Protection" (first award in 2022, first mention in 2021) as well as recommendation in the category "Banking and Finance Law - Fintech" (first mention in 2021, "Very knowledgeable and an expert in the FinTech sector. Always available, even though she is very busy.")
- The Legal 500 Germany 2024: Mention in "City Focus - Frankfurt"
- The Legal 500 Germany 2021: "Next Generation Name" award in the category "Information Technology - Data Protection"
- Best Lawyers 2025: Recommendation in "Data Security and Privacy Law" (first recommendation in 2021) and "Information Technology Law"
Clients
- Providing data protection advice to a fibre optic network provider on contracts regarding the development, management and operation of a network, the distribution of Internet service provider connection contracts and network connection contracts
- Drafting terms and conditions for end customers and cooperation partners and outsourcing contracts on behalf of an open banking deposit platform
- Providing ongoing data protection and IT law advice to an online bank in connection with transactions to transfer the deposit and leasing businesses
- Drafting Software-as-a-Service terms and conditions for e-vouchers on behalf of a trading platform
- Drafting Software-as-a-Service terms and conditions on behalf of a provider of hardware-agnostic surgical software
- Advising an internationally operating building material trading company on the introduction of SAP S/4HANA
- Advising an internationally operating steel trading company on the introduction of the new EU standard contractual clauses from June 2021
- Designing the data exchange relationships with OEMs and advising on a hyper ledger-based data exchange project on behalf of an internationally operating data analytics services provider
- Drafting predictive maintenance Software-as-a-Service terms and conditions as part of an Industry 4.0 project
- Providing legal assistance with a data protection impact assessment for a telematics product for a truck fleet
- Advising on the data protection aspects of internal investigations in cases of suspected corruption on behalf of an internationally operating manufacturing company
- Drafting terms and conditions for the use of streaming services on behalf of a German credit institution
Publications
- Germany: New Ordinance on automated and autonomous vehicles, in: Data Protection Leader, Volume 4, Issue 2/2022
- DS-GVO Bußgelder in der Praxis: Wer muss den Rückgriff fürchten?, in: RDV - Zeitschrift für Datenschutz-, Informations- und Kommunikationsrecht 2022 (gemeinsam mit Kata Éles)
- EU-Empfehlungen nach 'Schrems II' - Wie lässt sich der internationale Datentransfer retten?,in: Legal Tribune Online (LTO) vom 07. Dezember 2020
- First-aid kit for “Schrems II” compliance, in: Luther vom 30. Juli 2020
- Die neuen EBA-Guidelines
- Editor of the study "DAC Beachcroft GDPR Liability Study Personal Data: the new oil and its toxic legacy under the General Data Protection Regulation" (together with Hans Allnutt & Rhiannon Webster) 2017
- Bearbeitung des Kapitels "Rechtliche Ansätze zur Steuerung von Markenkommunikation in neuen Medien in Zeiten von Medienkonvergenz und Big Data", in: Marken und Medien - Führung von Medienmarken und Markenführung mit neuen und klassischen Medien, herausgegeben von Stefanie Regier, Holger Schunk & Thomas Könecke, Springer Verlag, 2016
- Datenschutz bei mobilen Bezahlsystemen, in: K&R, Ausgabe November 2015
- Domains im Agenturgeschäft nach der "grundke.de" Entscheidung, in: K&R 2007, S. 494-499
- "Whistleblowing" – Einführung von Ethik- und Antikorruptionsrichtlinien und Reportingstrukturen, in: Aktuelle Entwicklungen im Informationstechnologierecht 2007, S. 135-142
- Rechtssicherheit bei der Übermittlung von Fluggastdaten in die USA, in: Multimedia und Recht (MMR) 2007, IX
- Study "Data Protection in the European Union and other Selected Countries" 2006
- Leitfaden IT-Recht, in: Bundesanzeiger Verlag, 2004
- Defining the role of the European Data Protection Officer, in: Privacy Laws & Business, Ausgabe May/June 2004
- Location Based Services - Datenschutzrechtliche Anforderungen, in: Multimedia und Recht (MMR), Heft 3/2002, S. 152-158
- Nuevos productos, servicios y canales de distribución: El comercio electrónico en Alemania, in: Andersen-Cámara de Comercio Alemana para España
- Rechtliche Probleme von Online-Auktionen, in: Multimedia und Recht (MMR), Heft 2/2000, S. 65-72
- Überwachung in der Telekommunikation, Haftung und Risiken nach dem neuesten Entwurf einer TKÜV, in: Computer & Recht (CR), Heft 10/1999
Blog posts
- Federal Cartel Office launches sector inquiry on messenger services - the next step to a "Super Consumer Protection Authority" in the digital world?
- Strong customer authentication via apps - who takes responsibility for personal data?
- Working from home in times of corona - data privacy requirements
- Die neuen EBA-Guidelines
Lectures
- 17.04.2024: Creating and Implementing Corporate AI Guidelines
- 25.07.2023: Das Hinweisgeberschutzgesetz aus arbeits- und datenschutzrechtlicher Sicht – Was ist zu tun?“
- 10.11.2022: unyer Webinar I 360 Degree Marketing – Avoiding the Pitfalls
- 21.05.2019: Video Ident und eSigning im Dschungel von eIDAS und DSGVO - Rechtssicher digitale Verträge abschließen, 2. Bankensymposium Digitalisierung & Recht 2019
- 14.11.2018: "Mitarbeiter und ihre Rechte als Betroffene", BVAU- Roadshow "Datenschutz am Arbeitsplatz"
- 12.11.2018: Cloud Strategie und DSGVO - Compliance Herausforderungen, Management Circle Konferenz "Zukunft der Banken"
- 16.10.2018: "Mitarbeiter und ihre Rechte als Betroffene", BVAU- Roadshow "Datenschutz am Arbeitsplatz"
- 18.04.2018: KI, Data Analytics, Big Data und Robo Advice - was gilt es aus rechtlicher Sicht zu beachten?, Management Circle Konferenz "Künstliche Intelligenz in der Finanzbranche", 18. und 19. April Frankfurt am Main
- 21.03.2018: Sind Sie bereit für die EU-DSGVO?, Arbeitsrechtsfrühstück Frankfurt
- 14.03.2018: Sind Sie bereit für die EU-DSGVO?, Arbeitsrechtsfrühstück Frankfurt
- 29.01.2016: Luther FinTech Gespräche im House of Finance, Institute for Law and Finance:
- 11.09.2015: Datenschutz bei Zahlungsdiensteanbietern und mobilen Bezahlsystemen (Mobile Payment), DSRI-Herbstakademie 2015
- 22.05.2014: Data Protection – Challenges for Electronic Communication in Transatlantic Business, Institute for Law and Finance: Joint Conference of ABA and DAJV
- 22.10.2013: IT-Recht kompakt, Management Circle Intensiv-Seminar
- 12.07.2013: IT-Recht kompakt, Management Circle Intensiv-Seminar
- 12.07.2013: IT-Recht kompakt, Management Circle Intensiv-Seminar
- 09.12.2010: Social Web – was ist wirklich dran?, RED Corner
- 18.10.2009: Das neue Datenschutzrecht im Arbeitsverhältnis, Unternehmensgespräch zum Datenschutz
Memberships
She is a member of the German Association of Law and Informatics (Deutsche Gesellschaft für Recht und Informatik e.V. – DGRI), a co-author of the data protection law commentary Taeger/Gabel, DSGVO BDSG, and frequently publishes articles and gives lectures on topics related to IT and data protection law, for example, on mobile payment systems, usage of AI, data analytics and Big Data in the financial industry, outsourcing in the banking sector, and the implementation of the requirements stipulated in the EU General Data Protection Regulation and the proposed ePrivacy Regulation.
Partner
Dr Wulff-Axel Schmidt
Partner
Frankfurt a.M.
Volker von Alvensleben
Of Counsel
Hamburg
Tobias Osseforth, Mag. rer. publ.
Partner
Munich
Tobias Schneider
Senior Associate
Cologne
Dr Thomas Schwieters
Associate
Hanover
Thomas Weidlich, LL.M. (Hull)
Partner
Cologne
Dr Stephan Bausch, D.U.
Partner
Cologne
Dr Stephan Rippert LL.M.
Partner
Munich
Stephan Gittermann
Partner
Frankfurt a.M.
Steffen Häberer
Partner
Leipzig
Stefanie Kandzia, LL.M.
Senior Associate
Hamburg
Dr Stefanie Hellmich, LL.M.
Partner
Frankfurt a.M.
Silvia C. Bauer
Partner
Cologne
Dr Sebastian Felix Janka, LL.M. (Stellenbosch)
Partner
Munich
Sabrina Aurnhammer
Associate
Munich
Dr Rolf Kobabe
Partner
Hamburg
Robert Schindler
Counsel
Essen
Pierre Daniel Wittmann
Senior Associate
Frankfurt a.M.
Philipp Dietz, LL.M. (Edinburgh)
Partner
Cologne
Paula Dresler
Associate
Berlin
Niccolo Langenheim, LL.M.
Associate
Cologne
Michelle Petruzzelli
Senior Associate
Cologne
Dr Michael Rath
Partner
Cologne
Dr Melanie Verstege
Counsel
Essen
Dr Maximilian Dorndorf
Partner
Essen
Dr Maximilian Kressner, M.Jur. (Oxford)
Partner
Singapore
Maximilian Issels, LL.M. (Stellenbosch)
Associate
Munich
Martin Zackor, LL.M. (UCD)
Counsel
Frankfurt a.M.
Dr Markus Sengpiel
Managing Partner
Cologne
Marc Theiner
Associate
Singapore
Manuel Rueß
Associate
Hamburg
Lutz Keller
Senior Associate
Cologne
Lida Karra
Associate
Frankfurt a.M.
Leif Dustin Schneider
Counsel
Ho Chi Minh City
Laura Hoffmann, LL.M. (Dresden/London)
Senior Associate
Frankfurt a.M.
Dr Kuuya Josef Chibanguza, LL.B.
Partner
Hanover
Dr Kay Oelschlägel
Partner
Hamburg
Katharina Klenk-Wernitzki, Dipl. Reg.-Wiss
Partner
Berlin, Cologne
Katharina Müller-Ehrlichmann, LL.M. oec.
Partner
Cologne
Dr Katharina Preuss
Senior Associate
Cologne
Karsten Köhler
Partner
Leipzig
Julian Adams
Associate
Hamburg
Dr Jörgen Tielmann, LL.M.
Partner
Hamburg
Jonny H. Giessel
Senior Associate
Frankfurt a.M.
Johannes Klausch, LL.M. (London)
Partner
Berlin
Dr Johannes Becker
Counsel
Cologne
Jenny Schindler
Senior Associate
Munich
Jan Zimmer
Senior Associate
Singapore
István Fancsik, LL.M. (London)
Senior Associate
Essen
Dr Isabel Schäfer
Senior Associate
Hamburg
Iris López Martínez, LL.M.
Senior Associate
Berlin
Dr Helmut Janssen, LL.M. (King's College London)
Partner
Brussels, Dusseldorf
Hannah Aigner
Senior Associate
Munich
Guido Wenzel
Partner
Hamburg
Dr Gregor Wecker
Partner
Cologne
Dr Gernot-Rüdiger Engel
Partner
Hamburg
Dr Geert Johann Seelig
Partner
Hamburg
Franziska Neugebauer
Senior Associate
Cologne
Franziska Maier, LL.M. (UCLA)
Associate
Stuttgart
Felix Hielscher
Senior Associate
Stuttgart
Eric Doyé
Associate
Leipzig
Elisabeth Kohoutek
Partner
Frankfurt a.M.
Dominik Menhaj
Senior Associate
Hamburg
Dr Detlef Mäder
Partner
Cologne, Dusseldorf
Dr Denis Schütz
Senior Associate
Essen
Dr Daniel Bischof
Counsel
Hamburg
Daniel Latta
Partner
Berlin
Cornelia Yzer
Of Counsel
Berlin
Clara von Wolffersdorff
Associate
Leipzig
Dr Clara Schulze Velmede
Associate
Leipzig
Christina Rygula, LL.M. (Dublin)
Senior Associate
Hamburg
Christiane Kühn, LL.M. (Hong Kong)
Partner
Munich
Christian Kuß, LL.M.
Partner
Cologne
Dr Christian Horn, LL.M. (Tulane)
Partner
Berlin
Dr Christian Rabe
Senior Associate
Hamburg
Dr Cédric Müller, LL.M. (Bristol)
Partner
Essen
Carsten Andreas Senze
Partner
Stuttgart
Caroline Ackermann
Counsel
Munich
Dr Björn Simon
Partner
Frankfurt a.M.
Benedikt Stücker
Senior Associate
Hanover
Dr Astrid Schnabel, LL.M. (Emory)
Partner
Hamburg
Anton Spinty
Senior Associate
Berlin
Anne-Sophie Fischer
Associate
Munich
Anna-Laura Martens
Associate
Berlin
Anja Schwarz, LL.M. (London)
Senior Associate
Cologne
Dr Andreas Vath
Partner
Munich
Dr.iur. Andreas Knaul, LL.M. diap (ENA)
Berlin
Andreas Tüxen, LL.M. (American University / WCL)
Partner
Berlin
Dr Andreas Kloyer
Partner
Frankfurt a.M., London
Alisa Schöneberg
Associate
Cologne
Dr Aline Mück
Senior Associate
Cologne
Alina Moers
Associate
Cologne
Alexander F. Liebing, LL.M.
Counsel
Leipzig
Adrian Freidank
Counsel
Cologne