Social Media
  • Focus: General Data Protection Regulation

  • Focus: General Data Protection Regulation

October 2019

What is the GDPR?

The new General Data Protection Regulation (GDPR) came into force on May 25, 2018. The GDPR is a regulation of the European Union that standardizes the rules for private and public processing of personal data throughout the EU. The transparency and documentation requirements are considerable.

What are the challenges of implementing the GDPR requirements?

The GDPR grants extensive rights to affected parties. An affected person can demand information on all data that is processed about him. The information must be provided within 30 days. Otherwise, he can submit a complaint to the competent supervisory authority. For the party processing the data, this involves a clearly defined structure and clearly defined processes.

In regard to supervisory authorities, there are extensive requirements to prove systematic organization and processing of personal data. The threatened fines for violations are substantial and could reach €20 million or 4% of total annual revenue.

Moreover, explicit concepts for deleting unneeded data must be drawn up and submitted to supervisory authorities, if requested.

How can we help you?

We have expert knowledge of the new data protection regulation, understand the rules and requirements, and the resulting needs of our customers. We go through the relevant processes, identify what action is needed, advise on implementation of the measures to be taken, and prepare for possible queries from the authorities. We will also gladly coordinate data protection certification.

We have a broad portfolio of services specific to the GDPR

The GDPR is complex and places high demands on processors of personal data — with our range of services, we can support you according to your individual needs:

  • Developing data protection concepts based on GDPR requirements
  • Creating the necessary document stations, such as procedural logs
  • Handling the rights of affected parties
  • Training employees in GDPR-compliant behavior
  • Meeting accountability and proof requirements regarding supervisory authorities
  • Assistance with certification by auditing organizations, such as TÜV Süd

As a longstanding consultant in the automotive industry, we also have highly qualified consultants with special, field-proven knowledge of retail.