Companies are increasingly focusing on data protection. Complying with the essential requirements of data protection is indispensable to companies. Which requirements do companies need to comply with in relation to their employees? What does the entrepreneur need to take into account in relation to customers and suppliers? What information is to be published on company homepages or in business e-mails?
In the light of the requirements of the EU's General Data Protection Regulation and the implications of the "Safe Harbour Ruling" of the European Court of Justice (ECJ) from October 2015, the pressure on companies to focus more on data protection as part of compliance management is increasing.
While the ECJ's "Safe Harbour Ruling" may already result in sanctions for companies in the form of, say, a fine of up to EUR 50,000 or a prohibition order in the event of unlawful data transmission, the EU's General Data Protection Regulation will oblige organizations and companies to assess the consequences of critical data processing from 2018 onwards.
We will be pleased to assist you in examining, assessing and providing your company's compliance in the area of data protection and to develop solutions with you in respect of the legally compliant handling of personal data.
The DATA compliance mark enables your company to provide evidence of its compliance with relevant data protection requirements in relation to both customers and other market players.
The data compliance mark is awarded, on successful completion of a data protection audit, by certifiers of ESC Cert GmbH, an inspection centre accredited with the Deutsche Akkreditierungsstelle GmbH (DAkkS) and contains proof that your company meets the relevant German and European legal requirements in the area of data protection.
The EU's General Data Protection Regulation provides that, from 2018 onwards, certification in accordance with data protection legislation requirements can be carried out only by certain authorized centres, such as an inspection centre accredited with DAkkS.
DATA compliance seal
Section 4f of the Bundesdatenschutzgesetz (German Federal Data Protection Act - BDSG) lays down the conditions under which a data protection officer must be appointed. This statutory obligation applies to many companies. Any breach of this requirement may result in various sanctions. Companies are, however, also at liberty to appoint an external data protection officer. As a rule, this will provide many benefits, as certain responsibilities that may result in disruptions of operations if employees of one's own company are appointed to perform the role are assigned to this external data protection official.
If your company appoints a data protection officer from BfU AG, it will obtain a qualified contact person who undergoes advanced training on a regular basis and provides you with individual support. We will be pleased to perform the following tasks, in particular: