The right to protection of personal data of natural persons entails a number of obligations for entrepreneurs. The exact requirements have been regulated in the EU Data Protection Regulation (GDPR) as well as in the federal regulations. The requirements depend on many factors, such as the size of the company as well as the scope of data processing. In this context, companies are to decide for themselves, to the greatest extent possible, which measures are appropriate. This often leads to despair, especially because non-compliance with the requirements in the area of personal data protection can lead to high fines.
A good way to check the current processes in the area of data protection in the company and to protect yourself from the negative consequences is to conduct a data protection audit. The data protection audit should be carried out by persons with appropriate qualifications and experience, e.g., by a lawyer who specializes in data protection.
During a data protection audit, all processes associated with the processing of personal data are identified and reviewed. As a rule, such an audit begins with a discussion of the questions that are important from the perspective of data protection, such as:
– Does the company have a data protection officer?
– Does the company have a data protection concept?
– Are personal data transferred to third parties? Is there a basis for such transfers?
– How is access to personal data by employees regulated?
– How is the personal data protected from access by third parties?
Once these questions have been answered, a comprehensive data protection review of the company’s existing records takes place. As part of this review, the documentation required by data protection regulations, but also other documents such as employment contracts as well as service contracts will be analyzed and adjusted if necessary.
As a rule, a written report is prepared on the performance of the data protection audit, in which all weak points as well as corresponding solutions are described.
Independent of the audit described above, it is often also advisable to conduct an IT audit.
We will conduct a data protection audit for you, draft necessary documents and answer all questions related to data protection in the company.
Do you have any questions or require our consultation?
Contact us. We will further help you.
© GRAU Rechtsanwälte PartGmbB, 2022 | Legal notice | Privacy Policy
© GRAU Rechtsanwälte PartGmbB, 2022
Legal notice | Privacy Policy
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checkbox-advertisement | 1 year | This cookie is set by the GDPR Cookie Consent Plugin and is used to record the user's consent to the "Advertising" category cookies. |
cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checkbox-functional | 11 Monate | Das Cookie wird durch die GDPR-Cookie-Zustimmung gesetzt, um die Zustimmung des Benutzers für die Cookies in der Kategorie "Funktional" aufzuzeichnen. |
cookielawinfo-checkbox-necessary | 11 Monate | Dieses Cookie wird vom GDPR Cookie Consent Plugin gesetzt. Das Cookie wird verwendet, um die Zustimmung des Nutzers für die Cookies der Kategorie "Notwendig" zu speichern. |
cookielawinfo-checkbox-others | 11 months | This cookie is set by the GDPR Cookie Consent Plugin. The cookie is used to save the user's consent for the cookies in the "Other" category. |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by the GDPR Cookie Consent Plugin. The cookie is used to store the user's consent for the cookies in the "Performance" category. |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not the user has consented to the use of cookies. It does not store any personal data. |
wp-wpml_current_language | session | Cookie of the "WPML" plugin that saves the current language of the website. |
Cookie | Duration | Description |
---|---|---|
CookieLawInfoConsent | 1 year | Records the standard button status of the corresponding category and the status of the CCPA. It only works in coordination with the primary cookie. |
elementor | never | This cookie is used by the website's WordPress theme. It allows the website owner to implement or change the content of the website in real time. |
Cookie | Duration | Description |
---|---|---|
_ga | 2 years | Used to distinguish users. |
_ga_ | 2 years | Used to persist session state. |
_gac_gb_ | 90 days | Contains campaign related information. If you have linked your Google Analytics and Google Ads accounts, Google Ads website conversion tags will read this cookie unless you opt-out. |
_gid | 24 hours | Used to distinguish users. |