Data Protection & Privacy

              It is said that information is the oil of the 21st century. However, exploitation of personal information is regulated to protect individual freedom. Let us help you leverage data analytics in a manner compliant with data protection laws, and master the new challenges of the European General Data Protection Regulation.

              To find out more about our global legal services please visit our global site

              Data analytics is transforming how business is conducted
              Most things, interactions and behaviour are quantifiable and measureable. Availability of vast amounts of information and a matching analytical toolkit permeate and transform most industries. Businesses seek to leverage the information that is ever more readily available to reduce costs of doing business, and to expand their business.

              Some of this information, however, is protected by law as personal information. Data protection law is rapidly becoming one of the key areas of law, with which businesses need to comply in order to maximize the benefits from their data pools while avoiding possibly painful penalties.

              Changing compliance landscape
              With the upcoming European General Data Protection Regulation (GDPR), businesses not only across Europe, but all over the world will face new challenges in the area of data protection law. 

              • A new level playing field: The far reach jurisdiction of the GDPR extends the existing level of protection awarded to EU residents. Not only businesses in the EU, but also to businesses servicing the EU single market from outside the EU will need to comply with the high data protection and privacy standards. This may not only lead to better protection of the individuals’ rights, but also to a mitigation of (perceived) unfair competitive advantages for businesses operating out of lesser regulated jurisdictions.
              • New obligations for European businesses: As the next step in harmonizing data protection law across Europe will be taken in May 2018, businesses in many European jurisdictions will face new obligations. This may include becoming familiar with the concept of data protection officers, documenting data processing activities and being held accountable for the lawfulness of data processing and having in place the necessary technical safeguards.

              While legal compliance in itself – as well as the substantial possible fines – is certainly a good enough reason to take data protection seriously, there is more. Businesses have come to realize that data breaches are not only costly, but also damaging for businesses’ reputation. 

              Therefore, a good strategy on data protection and data security is seen as a vital component to foster greater trust of employees, customers and suppliers alike. And trust is, after all, the key to business growth and success.

              How we can help 
              We have lawyers advising on data protection law in most European jurisdictions with DWF offices. They each advise clients from all sectors and industries and go to considerable lengths to understand relevant technologies and business practices, and are able to communicate the legal concepts and requirements to clients without legal background in the client’s own language without unnecessary legal jargon.

              Our services
              Our services in the area of data protection include advice on:

              • classification of data to determine applicability of data protection law, especially in big data analytics situations,
              • assessment of the lawfulness of specific data processing activities,
              • data protection impact assessments, and possible measures to mitigate risks to the rights and freedoms of natural persons,
              • documentation and records of processing activities,
              • necessity for, and appointment of a data protection officer,
              • training for data protection officers and employees handling personal information, both for European and “third country” organizations,
              • inter-group or international data transfer, including data processing clauses and appropriate safeguards,
              • technical and organizational measures necessary to ensure compliance with data protection requirements,
              • drafting of declarations, such as privacy policies or consent,
              • management and fulfilment of rights of data subjects, such as information, correction or deletion rights, as well as right to data portability,
              • negotiation and drafting of contracts with data processors or third party recipients, or
              • contentious disputes, either out-of-court or in court, against supervisory authorities, contract partners or data subjects.

              For more information visit our Technology and Communications sector >

              Marco Müller-ter Jung, LL.M. (Informationsrecht)

              • Partner // Certified Information Technology Attorney

              Florian Daniel, LL.M. (Media Law)

              • Senior Associate // Certified Attorney for Intellectual Property Rights

              Dr. Dietmar Althaus

              • Senior Associate

              We use cookies to give you the best user experience on our website. Please let us know if you accept our use of cookies.

              Manage cookies

              Your Privacy

              When you visit any web site, it may store or retrieve information on your browser, mostly in the form of cookies. We mainly use this information to ensure the site works as you expect it to, and to learn how we can improve the experience in the future. The information does not usually directly identify you, but it can give you a more personalised web experience.
              Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change permissions. However, blocking some types of cookies may prevent certain site functionality from working as expected

              Functional cookies


              These cookies let you use the website and are required for the website to function as expected.

              These cookies are required

              Tracking cookies

              Anonymous cookies that help us understand the performance of our website and how we can improve the website experience for our users. Some of these may be set by third parties we trust, such as Google Analytics.

              They may also be used to personalise your experience on our website by remembering your preferences and settings.

              Marketing cookies

              These cookies are used to improve and personalise your experience with our brands. We may use these cookies to show adverts for our products, or measure the performance of our adverts.