DATA PROTECTION AND DATA SECURITY
Piltz Legal helps companies and institutions to set up individual areas or projects in compliance with the GDPR and supports them in their day-to-day data protection business. From data protection declarations to complex data protection projects, we advise and support our clients - in some cases for many years.
The regulatory requirements in data protection law have increased, especially since the applicability of the GDPR. Nowadays, data protection is an integral part of every company's compliance. We support you in positioning yourself in such a way that you are also well prepared for future developments.
Data protection law is one of our special areas of focus and we have outstanding expertise in this field. In particular, we accompany complex IT and eCommerce projects from conception through GoLive and on an ongoing basis with legal expertise and a high level of detailed knowledge. In doing so, we focus on legally sound and economic solutions that are individually tailored to our clients' needs. If necessary, we coordinate with third parties and competent authorities at an early stage.
In addition, we support you with data protection audits and the resulting data security concepts. This is not just a matter of complying with data protection regulations, but also of drafting contracts with third parties who have access to your data, transferring data abroad and safeguarding your own company data.
Do you have an acute situation or a detailed question at short notice? We are characterised by our proximity to our clients and our speed of response. Your personal contact will be happy to help you at short notice in a pragmatic and solution-oriented manner.
- Consent forms and data protection declarations
- Data security concepts
- Big Data Applications / SaaS
- Data protection audits
- Handling customer data
- Employee data protection
- Social Media
- Health data protection
- Corporate data protection
- Data protection compliance
- Order Processing / Joint Controller
- International data transfers
Whistleblower protection and the right of access on a collision course – challenges in the parallel application of whistleblower protection and Art. 15 GDPR
The enactment and applicability of the German law implementing the Whistleblowing Directive (Directive (EU) 2019/1937), the “German Whistleblower Protection Act”, is in sight, even though the law has not yet been passed because the “Bundesrat” did not agree to the text adopted by the “Bundestag”. It might still take some time until the two parliaments agree on a final text. However, there is time pressure because Germany has already fallen far behind the deadline for implementing the European Directive. This also means that the legal obligation to set up an internal reporting channel is getting closer for a great many German companies (generally all those with at least 250 employees).
NIS-2 Directive: New provisions to strengthen cyber resilience and security
The Directive on measures for a high common level of cybersecurity across the Union ("NIS-2 Directive"), published in the Official Journal of the European Union on December 27, 2022, aims to harmonize cybersecurity requirements in the EU and imposes new cybersecurity obligations on companies. It will replace the previously applicable NIS Directive.
Cyber Resilience Act - Overview of new cybersecurity requirements for products with digital elements
In September 2022, the European Commission published its proposal for the Cyber Resilience Act ("CRA", Regulation of the European Parliament and of the Council on horizontal cybersecurity requirements for products with digital elements and amending Regulation (EU) 2019/1020).