Increasing technology and internationalisation mean that data protection and IT law are becoming increasingly important. New technologies and trends present new challenges, such as
In order to avoid liability risks, international companies must meet highly complex national and international data protection and IT compliance requirements and adapt and expand their data protection management systems accordingly. This especially holds true in light of the EU Data Protection Regulation (GDPR) and the new Federal Data Protection Act (BDSG), which comes into effect on 25 May 2018 in Europe and, respectively, in Germany, and which will set greater requirements for data protection management.
This will not only affect DAX and MDAX companies, but also small and medium-sized companies. Complex issues such as
must be implemented in line with the legal requirements in order to avoid the massive imposition of fines under the GDPR.
At WTS, we help our clients to develop practical and economically viable solutions. Where necessary, we consider not just the legal, but also the technical and organisational aspects, including the underlying business processes. In doing so, we take into account current international standards (e.g. ISO / IEC 27001) and new approaches, such as the standard data protection model of the conference of independent data protection authorities of the federal and state governments in Germany.
Our data protection and IT legal services portfolio includes design consultancy as well as strategic, individual and procedural advice, including representation vis-à-vis the supervisory authorities, affected parties and courts.
Our WTS experts can also provide an external data protection officer as defined in para. 4f BDSG (1990); Art. 37, para. 6 GDPR. By doing so, our clients will profit from our interdisciplinary and international consulting expertise. This allows for a cost-efficient and direct deployment as a data protection officer ("plug & play").
Our consulting services at a glance:
We revise, negotiate and prepare
As well as drafting contracts, our experts also support in structuring internet sites and online sales portals (e- and m-commerce). We also support companies with centralisation and outsourcing measures (e.g. use of cloud services or shared service centres).
At WTS, we also create guidelines, concepts, operating procedures and declarations relating to data protection. These include declarations for
Furthermore, we support in implementing strategic projects. We assist with data protection compliant product development ("privacy by design"). In addition, we help to develop legally compliant and innovative marketing and sales concepts.
Advising on selecting a location for data processing is also one of our areas of expertise.
We support our clients in shaping their data protection organisation and data protection management in accordance with the GDPR and the BDSG 2018. This includes support with making data protection impact assessments or with the implementation of data protection audits as defined in Art. 32, para. 1 lit. d GDPR.
In addition, we carry out individual data protection and IT law assessments to allow room for manoeuvre or to uncover any existing risks. Our experts also advise on the conceptual design and implementation of internal processes that comply with data protection and IT law, for example when introducing business intelligence software or CRM or OBA applications.
In the event of an illegal data leak, we also provide our clients with comprehensive advice, check existing reporting requirements and, if necessary, represent them vis-à-vis the supervisory authorities. At WTS, we also support companies in reviewing or designing sensitive data processing that complies with data protection law, such as the collection of data as part of internal investigative measures or when introducing data loss prevention tools.
We also advise on implementing prior checks and preparing procedure directories. Furthermore we support in developing and implementing data protection compliant data clearing and blocking concepts as well as archiving processes.
In the event of inspections, requests for information, orders or the imposition of fines, we represent our clients vis-à-vis the supervisory authorities and courts.
We support companies in handling requests for information from affected parties and provide training to management, business units and data protection officers with respect to data protection issues, e.g. on the new challenges presented by the GDPR.
Do you have any questions about our services or WTS? Please let us know. Please fill in our short contact form. We will get in touch with you as soon as possible.