Data Protection, IT, Outsourcing

Digitalisation has made data protection a top priority concern at executive level. There are almost no technical limits to the possibilities of storing, evaluating and trading personal data. Digital transformation, industry 4.0 and the internet of things raise new legal questions. Within a high-tech corporate organisation it is becoming ever more important to draft IT contracts which are legally secure and data protection-compliant.

Creating effective data protection

Since the EU General Data Protection Regulation (GDPR) became effective in May 2018, companies have been forced to keep their internal processes compliant with data protection law, to constantly reassess data protection risks and to counter them with effective protective mechanisms – ideally by way of a data protection management system. Due to the GDPR concept of "accountability", those in charge are subject to constant responsibility and for reporting obligations to comply with all legal requirements.

Our lawyers specialising in data protection law support companies from the analysis of their status quo regarding data protection, to the implementation of effective data protection concepts. We draft data protection guidelines, act as ‘sparring partners’ for data protection officers, as well as IT and compliance officers, and take a close look at various areas of your day-to-day business in terms of data protection –from the design of your first interaction with visitors of your website to the right of those with an interest to be "forgotten".

In cooperation with our employment law practice group, the protection of employee data is a particular focus of our work, where we work out appropriate works agreements.

As far as data which is collected within the framework of internal investigations is concerned, our experts on data protection law work closely together with our lawyers involved in criminal compliance in order to take into account the requirements of international collaboration within a group.

Furthermore, we would be pleased to support you on data breach notifications and incident response plans for urgent matters, especially with regard to the considerable penalty risks of the GDPR, as well as in dealing with related criticism of press reporting.

Legally safeguarding IT structures

Our IT specialists advise you comprehensively on the drafting and negotiation of a wide variety of IT related contracts. We support you throughout specific contractual and licensing issues in connection with transactions, IT tender procedures and projects such as outsourcing or the introduction of new hardware and software. If an IT project gets out of hand, we will represent you in the assertion of warranty and damage claims.

Focus on data protection law
Counselling with regard to the EU General Data Protection Regulation (e.g. internal organisation of data protection, data management, obligations to record); drafting and review of data protection guidelines; employee data protection; drafting of contracts in compliance with data protection regulations (e.g. for order processing, cloud computing, functional transfer); data transfers abroad; rights of data subjects (in particular correction and deletion concepts); data protection impact assessment; technical and organisational measures, privacy by design and privacy by default.

Focus on IT law
Negotiation, drafting and review of SaaS contracts, cloud contracts, contracts relating to the purchase or maintenance of software, etc., as well as domain or system contracts; e-commerce (e.g. advice and review on the introduction of web shop, social media and app concepts as well as on questions of the development and application of artificial intelligence (AI), drafting of web shop general terms and conditions and data protection declarations, drafting and review of all types of online marketing and payment contracts); support in IT related projects, e.g. software development, outsourcing, post-merger integration.