Whether you want to draft a data protection declaration for your website or establish a data privacy guideline or strategy for your company - you can count on the experienced data privacy experts at dhpg. Our lawyers and certified data security officers are very familiar with the GDPR and know what counts when implementing the General Data Protection Regulation. Personal data are important assets of a company. The sensitive handling of these data, i.e. their processing and storage in compliance with the GDPR, is not only a compliance issue but also crucial to a company's repute. You can rest assured that you are in safe hands with us.
Data are of great economic importance to companies, and their use is a key factor conditioning success. This makes it all the more important to devote the utmost attention to sensitive data and ensuring their security. You can place all the tasks involved in the hands of our experienced data privacy experts with a clear conscience.
Our data privacy experts are lawyers with many years of experience in dealing with data privacy and government authorities. This is precisely why many companies have appointed us as their external data security officer. In addition, you also benefit from our keeping a close and vigilant eye on other topics and industries.
We specialise in standardised and optimised processes. What does this mean for you? You have time to concentrate on those tasks essential to your company. Because there's one thing we don't want: to leave you, the person in charge of a company, mired down in some time-consuming project.
Being able to budget costs make your calculations easier. We can deliver here - in the form of an annual flat rate with a clearly defined range of services.
Would you like to get together for a personal meeting to obtain advice? We would be happy to schedule a non-binding appointment with you so that we can get to know each other. We look forward to your call or e-mail and to meeting you.
A data privacy guideline is a binding instruction from the employer to the employees. It must be ensured that all employees have been made aware of the content of the data privacy guideline. For this purpose, the guideline should be handed out in writing and countersigned. A data privacy guideline must always be individually tailored to the company concerned, so there is a certain amount of latitude. Nevertheless, there are a few rules and arrangements that definitely need to be included in the guideline, especially technical-organisational measures, or TOMs for short. These include inter alia:
The contents of the guideline should be defined in close consultation between management, the IT department and the data security officer. The data privacy experts at dhpg will be happy to help you with this.
The data protection declaration should be quickly available, i.e. accessible with one click from the homepage. It is best to also inform your users about their rights as data subjects in the data protection declaration and state who they can contact in the event of a breach. This is usually the company's data security officer.
Basically, personal data are considered to be all information or data that can be used to identify a specific person. This includes, for example:
Physical data, such as hair or eye colour, also fall under this category. In addition, there is so-called special personal data, which are particularly sensitive and all the more deserving of privacy. These include political opinions, ethnic origin or medical data.
A data privacy strategy supports the protection of data privacy at companies and is a compliance issue. The data privacy strategy should be clearly structured and specify the tasks for all departments and positions in the area of data privacy. This way, everyone involved can understand which measures they have to take to ensure data privacy. It thus lays down an internal control framework. Just like the data privacy guideline, the details of the data privacy strategy depend on the company and its structures and varies in scope accordingly. A few central components must be integral parts of the data privacy strategy, however. These include:
The data privacy strategy should be drawn up in close consultation between the management and the data security officer and regularly checked to make sure it is up-to-date and compliant.
Data - especially personal data - are of great economic importance. It is an important asset for companies, and their use is a key factor in a company's success. This makes it all the more important to pay the utmost attention to data and their security. It is necessary to be aware of what personal data are stored and processed at a company. Leverage the knowledge of our data privacy experts to implement important aspects of the GDPR at your company. We will be happy to provide you with a GDPR checklist tailored to your individual needs or carry out a target/actual analysis right away. Our data security officers specialise in the creation of a holistic data privacy strategy for companies - this includes the drafting of a data privacy guideline as well as a data protection declaration. Contact us if you would like to professionally implement the General Data Protection Regulation at your company - our data protection officers will be happy to support you.