Data Protection Law

Industry 4.0, Big Data, car data, Internet of Things (IoT), cloud computing, smart home or e-health: personal data and the way it is being used is becoming an increasingly important part of existing or completely new business areas. Compliance with and the violation of data protection laws are thus increasingly becoming the focus of public attention. This means that companies need to find their way around the conflict between their business interests and the legal requirements, by ensuring their data protection is very well organised. Our pragmatic and solution-oriented team, which specialises in data protection law, can help you to ensure that this succeeds.

The processing of personal data is highly regulated. In addition to the EU General Data Protection Regulation (GDPR) and the new German Federal Data Protection Act (BDSG-neu), which has been amended to accord with EU law, sector-specific laws, such as the German Telecommunications Act (TKG) or the German Act Against Unfair Competition (UWG), regulate how personal data is handled. Compliance and liability risks must be considered and safeguarded with regard to the exploitation of personal data, which offers attractive business opportunities for companies.

Together with our clients, we develop the best industry-focused data protection solution for the company based on the current legislation, jurisprudence and the announcements made by the data protection supervisory authorities. This strategy is constantly being updated and is already taking into consideration the consequences of possible future developments.

Our range of advisory services:

Data protection in the company
  • Providing comprehensive data protection law advice for national and international companies and for internal data protection officers
  • Appointment as an external data protection officer and providing support as such
  • Advising on introducing and implementing data protection organisation
  • Advising on carrying out data protection impact assessments, e.g. in connection with video surveillance or Big Data applications
  • Drafting relevant documentation under data protection law, such as data protection guidelines, data protection information or contracts
  • Advising on implementing authorisation and deletion concepts
  • Representation vis-à-vis data protection supervisory authorities
  • Risk management in the event of data protection incidents
  • Carrying out national and international data protection audits
Employee data protection
  • Advising, for example, on introducing whistleblowing programs, human resources or assessment systems at national and international levels
  • Advising on drafting and negotiating works agreements on the basis of the EU General Data Protection Regulation (GDPR) and the new German Federal Data Protection Act (BDSG-neu)
  • Training courses and workshops (e.g. employee workshops)
Data protection for IT projects and web-based applications
  • Data protection-compatible design when using new technologies, such as smart home, car data or health apps
  • Transactional advice
  • Advising on setting up websites, online shops and cookie walls and on using tracking and analysis tools
Cross-border data transfer and cloud computing
  • Advising regarding cross-border data processing both for intra-group data exchange and with external parties
  • Drafting and negotiating the necessary contracts 
  • Advising on introducing binding corporate rules (BCRs)
  • Carrying out national and international data protection audits


16.04.2020 Blog
Videokonferenz-Plattformen im Datenschutz-Check
20.12.2019 Blog
Schrems gegen Facebook – Bleiben Standarddatenschutzklauseln weiterhin zulässig?

Key Contact >>

Key Contact

Silvia C. Bauer


T +49 221 9937 25789

Dr. Stefanie Hellmich, LL.M.


T +49 69 27229 24118

Dr. Michael Rath


T +49 221 9937 25795

Dr. Kay Oelschlägel


T +49 40 18067 12175