Data protection supervisory authority clears up data protection misconceptions
The Thuringian State Commissioner for Data Protection and Freedom of Information (TLfDI) has used Safer Internet Day 2024 to clarify persistent data protection misconceptions. Here are a few misconceptions: Data protection wants to prevent digitalisation No. Digitalisation, but legally compliant [...]
Preparation is everything: How to prepare for a cyberattack
Cyber attacks can affect any company, often occurring when least expected, rangning from data loss and financial setbacks to a permanently damaged reputation. How you can prepare your company? Creation of an incident response plan An Incident Response Plan (IRP) [...]
Navigating Data Protection Challenges under HinSchG: A Closer Look
Exploring Legal Obligations, Confidentiality, and Impact Assessment. Data Protection in the Context of the Hinweisgeberschutzgesetz (HinSchG) When highly sensitive data is being collected, it's crucial to determine who can access it. Data subjects have a right to access, but does this [...]
When is there an obligation to appoint an EU representative under the GDPR?
Representative of controllers or processors not established in the Union. There is a difference between a "contact point" and an EU representative. Pursuant to Article 3(2) of the GDPR, the geographical scope of application of the GDPR also extends to [...]
‚Right to erasure‘ – an overview
In principle, the Controller must delete personal data, i.e. irrespective of a request from the data subject, when the personal data are no longer necessary for the purposes for which they were collected or otherwise processed. Where a data subject [...]
Privacy & Marketing
Targeted advertising is more interesting for both the company and the advertising recipient. However, advertising targeted at the addressee also raises data protection issues, and a tension arises between address-related marketing and data protection. The General Data Protection Regulation (GDPR), [...]