DATA PROTECTION AND DATA SECURITY
Piltz Legal helps companies and institutions to set up individual areas or projects in compliance with the GDPR and supports them in their day-to-day data protection business. From data protection declarations to complex data protection projects, we advise and support our clients - in some cases for many years.
The regulatory requirements in data protection law have increased, especially since the applicability of the GDPR. Nowadays, data protection is an integral part of every company's compliance. We support you in positioning yourself in such a way that you are also well prepared for future developments.
Data protection law is one of our special areas of focus and we have outstanding expertise in this field. In particular, we accompany complex IT and eCommerce projects from conception through GoLive and on an ongoing basis with legal expertise and a high level of detailed knowledge. In doing so, we focus on legally sound and economic solutions that are individually tailored to our clients' needs. If necessary, we coordinate with third parties and competent authorities at an early stage.
In addition, we support you with data protection audits and the resulting data security concepts. This is not just a matter of complying with data protection regulations, but also of drafting contracts with third parties who have access to your data, transferring data abroad and safeguarding your own company data.
Do you have an acute situation or a detailed question at short notice? We are characterised by our proximity to our clients and our speed of response. Your personal contact will be happy to help you at short notice in a pragmatic and solution-oriented manner.
- Consent forms and data protection declarations
- Data security concepts
- Big Data Applications / SaaS
- Data protection audits
- Handling customer data
- Employee data protection
- Social Media
- Health data protection
- Corporate data protection
- Data protection compliance
- Order Processing / Joint Controller
- International data transfers
Your Piltz Legal contacts
News
Territorial scope of NIS-2 – When does the German BSIG apply to managed service providers (MSPs) from third countries?
In a previous article (only available in German), we addressed the question of who qualifies as a managed service provider (MSP) or managed security service provider (MSSP) under the amended German Act on the Federal Office for Information Security and on information security in entities (BSI Act – BSIG) (Note: There is currently no official English translation of the current version of the BSIG. However, there is at least a machine translation by the EU.). If a company within a group of companies is centrally responsible for the operation of the group's IT, it can be classified as an MSP and thus as an important or particularly important entity within the meaning of Sec. 28 para. 1 no. 4 and/or Sec. 28 para. 2 no. 3 BSIG – provided that it falls within the scope of the BSIG.
NIS-2: Obligation to designate a representative for entities in third countries
Within the scope of the NIS-2 Directive (NIS-2-RL), situations may arise in which providers of certain NIS-2-relevant services, such as managed service providers, are based solely in a third country but offer services within the EU. According to Art. 2 (1) NIS-2 Directive, the territorial scope of application applies as soon as a company provides a service or carries out activities in the EU. Art. 26 NIS-2 Directive specifies this scope of application to the effect that, in principle, the Member State in which the entity is located and thus its respective implementing law is applicable. We have already written an article on this subject.
New awards for our partners
We are very pleased that Prof. Dr. Burghard Piltz and Dr. Carlo Piltz have received further awards from the Handelsblatt and have been included in the 16th edition of The Best Lawyers in Germany™.