Blog

09 Sep by Dr. Thomas Helbing

This post provides a guideline for ensuring compliance with the General Data Protection Regulation (GDPR) when developing apps and for drafting privacy notices (i.e. privacy policies) for apps.

15 Jul by Dr. Thomas Helbing

Not interested in lengthy and expensive GDPR audits? Think about the following five questions to easily get a first idea of an organization’s level of GDPR compliance:

  1. What data protection awareness measures have been taken in the last 12 months (e.g. online/classroom employee trainings, content, scope)?
  2. What is the content of the last two annual reports of the Data Protection...

09 Jul by Dr. Thomas Helbing

A Data Protection Policy (or SOP) is a work instruction that sets out responsibilities and processes to ensure compliance with the GDPR in your company. It covers much more than just data security. In my opinion, a Data Protection Policy is the most important and often neglected data protection instrument in medium and large-sized companies.

24 May by Dr. Thomas Helbing

Overview of data protection law (GDPR) requirements for websites, apps and online platforms in Germany.

13 Mar by Dr. Thomas Helbing

The Data Protection Authority for the German federal state of Schleswig-Holstein ("Unabhängiges Landeszentrum für Datenschutz - ULD", the "DPA") published a paper about cloud computing under German data protection law in June 2010. The most doubtful statement is that the usage of clouds outside the EU might be in violation of German data protection law.

In this analysis I give an overview of some statements of the paper, explain the legal background and analyze the DPA's position.

26 Mar by Dr. Thomas Helbing

On 5 February 2010 the Commission of the European Union (EU) updated the set of standard contractual clauses for the transfer of personal data to processors in non-EU countries. The old clauses are repealed with effect from 15 May 2010.

02 Feb by Dr. Thomas Helbing

The amended German data protection law obliges parties to data processing agreements to include in their contracts clauses on breach notifications, audit rights, subcontracting and a couple of other aspects. Nonconforming contracts can trigger administrative fines of up to € 50,000. Agreements already in place should be reviewed and policies implemented to ensure the compliance of future contracts.
