The General Data Protection Regulation, which has been in effect since May 2018, enshrines the right to data protection to a large extent. The extensive responsibilities it lays out don't just affect large enterprises. They are also crucial for micro-enterprises and SMEs. In Austria, the maximum limit for fines has risen from 25,000 Euros to as much as 20 Million Euros or 4% of the company's global annual turnover, depending on which is higher. The GDPR is extremely comprehensive. It is an essential area in IT and media law, defines new legal regulations on direct marketing and affects the storage of customer or patient data. In Austria, the data protection authority is responsible for the GDPRs national implementation (https://www.dsb.gv.at).
The correct implementation of the GDPR protects your company in the long term. We can work with you to examine or develop data protection strategies including dealing with data transfers to external servers or cloud services. We are also happy to review contracts and general terms and conditions and provide you with a risk and impact assessment. To make sure that you can comply with your legal duties of disclosure and any enquiries in a legally compliant manner, we support you with appropriate processes and documents when dealing with requests for information, deletion or amendment.
- Implementation of the data protection regulation (GDPR) in companies
- Creating data processing directories, data processor agreements, privacy statements (such as for websites), privacy declarations of consent, standard contractual clauses
- Conducting privacy impact assessments
- Processes for responding to data protection enquiries
- Representation in the case of liability