Data Protection Law and services as external Data Protection Officer belongs to the fastest growing areas in the Consulting business, this applies to our firm as well. Technology such as Big Data enabled applications that involve highly relevant data protection issues. Many of our clients are by now using solutions such as Amazon Web Services, Google Apps or Microsoft Azure, which, depending on their business model, might not in line with data protection law. Cross-country IT solutions as well as new IT products and solutions increasingly trigger relevant data protection issues. This makes a reasonable compliance with data protection law and IT security necessary.
Based on our long lasting experience and our technical and economical understanding we are advising and supporting you with and data protection or IT issue from the very first beginning. The support often begins with the development of a new product or a new solution or increasingly with the question whether technical IT-solutions (such as Cloud Computing) comply with data protection laws. We are performing data protection compliance audits and are serving our clients as external data protection officers (through our sister company SBR IT & Data Services GmbH).
In the data protection area the drafting of contracts comprises – in particular for companies with international business – not only the conventional controller-processor data processing, but also solutions for other countries, e.g. in the case of cloud computing (either within EU or outside). IT comprises also the draft of privacy statements (e.g. for websites), solutions for the use of telecommunication at the workplace (Internet, E-Mail and Telephone or BYOD) or data usage contracts.
In the data protection area lawsuits are rare, even if the data protection authorities regularly have opinions that have a small basis in the legal provisions at best. Therefore, the communication with the data protection authorities and our clients is more important in order to avoid lawsuits. In particular, in the area data protection long lasting legal procedures are not helpful (especially if they might result in a negative publicity). Therefore advice and support at the earliest stage possible is important in order to be able to support with the correct actions.