Legal advice in data protection
We offer companies comprehensive legal advice on data protection law.
Leading lawyers in data protection law
Legal advice on data protection: DPL Drewes Privacy Law Rechtsanwaltsgesellschaft mbH (DPL) advises your company on legal issues relating to data protection and the use of data. We specialize in advising larger corporate groups and internationally active corporations on the internal implementation of data protection regulations, including several DAX40 companies.
With their many years of expertise, our highly specialized data protection lawyers can demonstrate how companies can meet the challenges of the GDPR without neglecting the economic implications of data processing for operational activities. In addition, DPL’s attorneys assist in conducting a data protection impact assessment or provide coaching to the internal data protection officer.
DPL attorneys also advise on all aspects of the use of technical data, the protection of secrets under the Trade Secrets Act, and contracts for the use of data for marketing purposes.
Overview of services in legal advice in data protection
Data protection and marketing
When addressing customers in advertising, especially in dialog marketing, compliance with data protection regulations is a key obligation for companies today. Given the increased sensitivity of consumers, it is imperative for companies to comply with data protection laws in the area of marketing. We have many years of experience in the practical implementation of data protection requirements in marketing. Ask us well in advance of the introduction of Big Data analysis tools or the introduction of software for analyzing customer data. We are familiar with predictive analytics and comparable forms of data evaluation.
Our service areas include:
- Advice on data protection-compliant processing of customer data in the company for purposes of dialog marketing
- Checking the CRM system for compliance with data protection requirements
- Support in the development of a business intelligence strategy
- Consulting for the introduction of software for the analysis of customer data – predictive analytics is no foreign word for us!
Data protection on the Internet
We have extensive experience in complying with data protection regulations when designing a homepage, evaluating click data or targeting advertising (behavioral advertising), and will work with you to develop customized solutions for your company.
However, questions regarding the admissibility of re-targeting, the merging of data in a DMP or the data protection requirements for cookie matching are also part of our everyday work.
Our service areas include:
- Advice on personalization of the website in line with data protection requirements
- Consulting for the evaluation of click data
- Advice on the use of cookies
- Advice on the data protection requirements for re-targeting, cookie matching or data analysis in a DMP.
Arrange a consultation appointment with us
Do you need legal advice for your company in the area of data protection law? Then get in touch with us. Our leading specialist lawyers will be happy to help you.
Employee data protection
Companies are obliged to ensure that employee data is processed in compliance with data protection requirements. In addition to the requirements of data protection law, the standards of labor law and the current case law of the Federal Labor Court must also be taken into account. We have extensive experience in advising companies on all aspects of employee data protection: from the introduction of an applicant platform to the data protection-compliant design of internal company processes – such as the use of Workday or myBI / Salesforce. Advice on data exchange with the works council is also standard practice for us.
Our service areas include:
- Consultations on data protection-compliant processing of employee data
- Employee control consultations / access to email correspondence.
- Advice on the introduction of home office arrangements
- Consultations on outsourcing employee data to an external service provider / cloud computing
- Consulting on the centralization of data processing within a group of companies
- Advice on data processing by the works council
- Advice on the expansion of the empire and the design of joint responsibility according to Art. 26 DSGVO
Data protection in the Group
The use of data within a group of companies, especially in the case of international groups, often turns out to be very complicated. We will show you how to implement the requirements of German data protection law in a group of companies / corporate group in a practical manner. Here, too, we have extensive knowledge of the data protection-compliant design of such processes. Of course, we will also show you how they should implement the data protection requirements for joint responsibility in accordance with Art. 26 DSGVO within the group.
Our service areas include:
- Advice on the data protection-compliant design of data processing within a group of companies / corporate group
- Development of Group-wide guidelines on data protection
- Development of Binding Corporate Rules
- Advice on transferring data to companies outside the EU
Our tip: Get data protection certification
We can certify your data processing operations in accordance with European data protection law, so that you then receive the ADCERT data protection seal of approval.
International data transfer
Many companies have outsourced data processing to service units in third countries. Especially for simple data processing or the outsourcing of call center activities, companies are used in countries outside the EU / EEA. We show you how you can design this outsourcing in a data protection-compliant manner. We know our way around the design of Binding Corporate Rules or the use of EU standard contractual clauses.
In addition, we can also verify compliance with Binding Corporate Rules for you and – if desired – also have this certified by ADCERT Privacy Audit GmbH.
Our service areas include:
- Advice on data protection-compliant outsourcing of business processes to third countries
- Verification of compliance with Binding Corporate Rules
Outsourcing / Cloud Computing
Numerous companies outsource business processes to service providers. In the field of advertising, lettershops are often used for data processing. In many companies, cloud computing is very popular. Numerous applications are purchased as “software as a service” applications. Even in the run-up to such a cloud computing application, companies should ask themselves internally what data protection requirements need to be observed.
We have extensive experience in contracting and controlling service providers. We have already supported numerous companies in the introduction of cloud applications. Particularly in the case of outsourcing data processing, the interaction of experts from data protection and IT security is a significant advantage of our service.
Our service areas include:
- Advice on using external service providers to comply with the requirements of data protection law and IT security
- Monitoring of service providers for compliance with data protection requirements
- Consulting for the introduction of cloud computing applications