Data Protection
(Data Protection Officer, Data Protection Auditor, representative per Art. 27 GDPR)
Specialization exists not only among doctors, but also among lawyers.
We are your guide when it comes to privacy.
We have been concentrating on this area for many years, keeping our knowledge up-to-date through in-depth training and knowledge of the environment beyond the legal are
Certified Data Protection Officer
Ensure legal certainty for your company
Build trust with your customers and partners
Train and sensitize your employees
Legally compliant appointment as your data protection officer
Trained and tested by TÜV-SÜD Akademie GmbH in GDPR and BDSG
Avoid impending fines
0711 / 35 79 30
Data protection officer
I check every department that works with personal data for compliance. The management will be made aware of any issues and the corresponding need for action. I then provide suggestions for solutions and develop appropriate concepts.
The external data protection officer is the direct contact person for the responsible supervisory authority.
Data protection audit
Global application of the General Data Protection Regulation
Pursuant to Art. 83 para. 4 a) GDPR, failure to name a representative could result in fines of up to 2% of your global annual turnover! In some cases (Art. 85 GDPR), fines may even be up to € 20 million or 4% of your global annual turnover.
For example, the US hotel chain Marriott is facing a $123 million fine imposed by the UK’s Information Commissioner’s Office (ICO). Hackers gained access to the database of the Marriott subsidiary Starwood and obtained the data of 339 million customers, not only their names and addresses, but also highly confidential data such as passport and credit card numbers. According to the ICO, when Marriott bought Starwood in 2016, it failed to conduct sufficient audits during the acquisition and provide sufficient security for the systems afterwards. But this would have been their duty under the GDPR.
British Airways has also been threatened by the ICO with a £183.39 million fine for a GDPR breach. British Airways lost the data, including credit card information and the CVV numbers, of some 500,000 customers during a cyberattack. The attack occurred when customers paid for their flights by credit card.
This means that companies outside the EU have to comply not only with their own privacy laws, regulations and directives, but also with the GDPR.
Worldwide hotel industry
This is why I specialize in this industry.