Legal advice in data protection

Legal advice on data protection: DPL Drewes Privacy Law Rechtsanwaltsgesellschaft mbH (DPL) advises your company on legal issues relating to data protection and the use of data. We specialize in advising larger corporate groups and internationally active corporations on the internal implementation of data protection regulations, including several DAX40 companies.

With their many years of expertise, our highly specialized data protection lawyers can demonstrate how companies can meet the challenges of the GDPR without neglecting the economic implications of data processing for operational activities. In addition, DPL’s attorneys assist in conducting a data protection impact assessment or provide coaching to the internal data protection officer.

DPL attorneys also advise on all aspects of the use of technical data, the protection of secrets under the Trade Secrets Act, and contracts for the use of data for marketing purposes.

When addressing customers in advertising, especially in dialog marketing, compliance with data protection regulations is a key obligation for companies today. Given the increased sensitivity of consumers, it is imperative for companies to comply with data protection laws in the area of marketing. We have many years of experience in the practical implementation of data protection requirements in marketing. Ask us well in advance of the introduction of Big Data analysis tools or the introduction of software for analyzing customer data. We are familiar with predictive analytics and comparable forms of data evaluation.

We have extensive experience in complying with data protection regulations when designing a homepage, evaluating click data or targeting advertising (behavioral advertising), and will work with you to develop customized solutions for your company.

However, questions regarding the admissibility of re-targeting, the merging of data in a DMP or the data protection requirements for cookie matching are also part of our everyday work.

Companies are obliged to ensure that employee data is processed in compliance with data protection requirements. In addition to the requirements of data protection law, the standards of labor law and the current case law of the Federal Labor Court must also be taken into account. We have extensive experience in advising companies on all aspects of employee data protection: from the introduction of an applicant platform to the data protection-compliant design of internal company processes – such as the use of Workday or myBI / Salesforce. Advice on data exchange with the works council is also standard practice for us.

The use of data within a group of companies, especially in the case of international groups, often turns out to be very complicated. We will show you how to implement the requirements of German data protection law in a group of companies / corporate group in a practical manner. Here, too, we have extensive knowledge of the data protection-compliant design of such processes. Of course, we will also show you how they should implement the data protection requirements for joint responsibility in accordance with Art. 26 DSGVO within the group.

Many companies have outsourced data processing to service units in third countries. Especially for simple data processing or the outsourcing of call center activities, companies are used in countries outside the EU / EEA. We show you how you can design this outsourcing in a data protection-compliant manner. We know our way around the design of Binding Corporate Rules or the use of EU standard contractual clauses.

In addition, we can also verify compliance with Binding Corporate Rules for you and – if desired – also have this certified by ADCERT Privacy Audit GmbH.

Numerous companies outsource business processes to service providers. In the field of advertising, lettershops are often used for data processing. In many companies, cloud computing is very popular. Numerous applications are purchased as “software as a service” applications. Even in the run-up to such a cloud computing application, companies should ask themselves internally what data protection requirements need to be observed.

We have extensive experience in contracting and controlling service providers. We have already supported numerous companies in the introduction of cloud applications. Particularly in the case of outsourcing data processing, the interaction of experts from data protection and IT security is a significant advantage of our service.