DATA PROTECTION AND DATA SECURITY
Piltz Legal helps companies and institutions to set up individual areas or projects in compliance with the GDPR and supports them in their day-to-day data protection business. From data protection declarations to complex data protection projects, we advise and support our clients - in some cases for many years.
The regulatory requirements in data protection law have increased, especially since the applicability of the GDPR. Nowadays, data protection is an integral part of every company's compliance. We support you in positioning yourself in such a way that you are also well prepared for future developments.
Data protection law is one of our special areas of focus and we have outstanding expertise in this field. In particular, we accompany complex IT and eCommerce projects from conception through GoLive and on an ongoing basis with legal expertise and a high level of detailed knowledge. In doing so, we focus on legally sound and economic solutions that are individually tailored to our clients' needs. If necessary, we coordinate with third parties and competent authorities at an early stage.
In addition, we support you with data protection audits and the resulting data security concepts. This is not just a matter of complying with data protection regulations, but also of drafting contracts with third parties who have access to your data, transferring data abroad and safeguarding your own company data.
Do you have an acute situation or a detailed question at short notice? We are characterised by our proximity to our clients and our speed of response. Your personal contact will be happy to help you at short notice in a pragmatic and solution-oriented manner.
- Consent forms and data protection declarations
- Data security concepts
- Big Data Applications / SaaS
- Data protection audits
- Handling customer data
- Employee data protection
- Social Media
- Health data protection
- Corporate data protection
- Data protection compliance
- Order Processing / Joint Controller
- International data transfers
Your Piltz Legal contacts
ECJ ruling on VIN and general aspects of the term 'personal data'
The consequences of the ECJ's decision in Case C-319/22 (also referred to as the ‘Scania case’) of November 9, 2023 will certainly be discussed in the data protection scene for a long time to come. It is already visible that the judgment creates big waves in the automotive industry and related sectors, but also in the data protection community in general. However, it seems doubtable whether this is justified or whether essentially the same aspects as before the decision must be taken into account when clarifying the question of the existence of personal data. In the exact case dealt with by the ECJ, it will first be decided by the Regional Court of Cologne whether the VIN is indeed personal data for vehicle manufacturers and independent operators. The ECJ ruling itself does not yet provide a direct and unambiguous answer
Advocate General at the CJEU: Concerning the appropriateness of technical and organisational measures and compensation for non-material damages in the event of a hacker attack
Advocate General at the Court of Justice of the European Union (CJEU), Giovanni Pitruzzella, published his opinion in case C-340/21 on 27. April 2023 regarding the conditions for compensation for non-material damages and the burden of proof for the appropriateness of technical organizational measures (TOMs) under Art. 32 GDPR in connection with a hacker attack.