Data Protection Consultation at KINAST
Data Protection Law in IT
At KINAST, we have our finger on the pulse of data protection law in IT and can help you achieve safe and secure computing practices that will keep your IT systems GDPR compliant, for now and for the future.

- Full Service
- Individual, efficient solutions
- Transparent Pricing Structure
- International legality guaranteed
- There when you need us
Does Data Protection Law apply to IT businesses?
Although the collection of data has been around for many years, the term "Big Data" first became a popular buzzword in 2005. Today, the Web is one of the main ways to communicate and make transactions worldwide.
This means, of course, that it is also used for transferring and storing personal data: Every time you purchase an item online, download an application on your smartphone or simply send a message, data processing takes place. Besides these obvious examples, cloud computing and the vast array of social media platforms also process incredibly large amounts of data on a daily basis.
Does online data processing need to be protected?
The answer is yes. Data protection law in IT applies to both physically written data and digitalized information; this means that in the EEA the transfer of your personal data via the Internet is subject to the General Data Protection Regulation (GDPR). The broad scope of this regulation provides extensive protection for data storage and transfers.

Do you need an External Data Protection Officer?
Five steps to compliance:
Introduction of your company and KINAST as well as the relevant contact persons. Discussion of the current data protection setup and most important data protection topics.
We conduct a data protection audit on-site or based on questionnaires to evaluate the current data protection status of your company.
Document the current data protection status and define further required actions if necessary.
We carry out all necessary measures identified during the data protection audit.
Designation as External data protection officer and on-going consultation starting from day 1.
The cookie. The most common data protection topic in the online world.
One of the most common IT-related topics we deal with is the implementation of website cookies on our clients’ Internet services. Cookies are small text files that websites place on your browser while surfing: While some are crucial for the display and correct functioning of the website, others are not necessary but are used for marketing purposes. However, it could be possible that some of these cookies are put in place for purposes other than the foreseen ones.
Our experts review the cookies our clients set on their Internet services, and analyze them one by one in order to establish whether they are GDPR compliant or not. In the latter case we search for alternatives and suggest implementing them.
Other areas to consider:
- International Data Flow
- Standard Contractual Clauses
- Binding Corporate Rules
- Transfer Impact Assessment
- Data Breach Management
How do we go about guaranteeing your IT data security?
When performing in a "full service" legal role, for example as an External Data Protection Officer, we always use our own concept based on a three-point plan:
As a first step, we carry out a risk assessment in your company. We carry out the risk assessment either on-site or remotely. Based on the findings, we prepare a report that documents the degree of compliance with data protection standards. Furthermore, the report identifies any vulnerabilities, proposes suitable measures to remedy those vulnerabilities, defines responsibilities and sets a timetable for the implementation of these measures.
In a next step, we implement any measures which we identified within the framework of the risk assessment. In doing so, we attach great importance to tying up your internal resources as little as possible.
Finally, as an External DPO, we permanently support your company regarding all aspects of data protection. We thereby ensure ongoing compliance with legal standards, the adaptation of procedures to the requirements of new laws and the consideration of current changes in internal processes.
Just a few of the reasons to choose KINAST for data protection in your IT systems
Our teams are made up of highly trained and specialized legal professionals with lengthy experience. We deal with IT related data protection issues with speed and efficiency and are committed to ensuring that your data is protected at all times. We always stay up-to-date on the latest data protection laws, and with our long-standing expertise in the field, you can rest assured that your data protection measures are in good hands.
We are an experienced team of lawyers with many years of experience and knowledge in data protection law, data security and as DPOs.
Practical experience
Due to many years of practical experience we know companies "from the inside". In colloquial terms, you should be able to "live what we advise".
IT affinity
Regardless of existing or new IT systems, our attorneys have a profound technical understanding and advise you accordingly.
Cost transparency
We work on the basis of fixed hourly contingents, keeping pricing simple and manageable.
Guaranteed legality
We are not only outstanding data protection officers, but also experienced lawyers.
Individual solutions
We do not work "off the peg", but offer tailor-made concepts, specifically for your business.
Efficient organisation and communication
Our solutions place high priority on open communication, transparent project management and defined goals.
Drafting of legal documents
We draft guidelines, work instructions, operating and service agreements, declarations of consent and commitment, lists of procedures and contracts on a daily basis.
Personality and continuity
We do not provide you with just any resource, but with the right colleague for you – permanently and without unpleasant changes.

IT Data Protection doesn't need to be a burden.
The experienced lawyers and data protection officers at KINAST are here to help. We specialise solely in data protection and we’ve been advising international groups and corporations since before GDPR laws came into effect. So why not contact us today for a free, no obligation consultation?
Frequently asked questions
You may still have questions about data protection law in the area of IT. We’ve answered some of the most frequently asked questions here. If you have more specific or specialist questions, feel free to contact us, and one of our Lawyers or Data Protection Officers will get back to you as soon as possible.
If your business is located in the EEA or you are a European citizen, the relevant regulation is the GDPR.
To store data in a cloud is generally one of the safest ways to ensure data safety. Usually various safety measures are in place, such as backups and disaster recovery, which allow the user to prevent data loss deriving from a breach or other events that could exploit the vulnerability of the data stored.
Social media is one of the “hot topics” in the current global data protection research. As many providers and businesses are located in the USA, from a GDPR perspective additional safety measures should be put in place before considering a data transfer.
As your personal data is protected by the GDPR, even if it is digitalized, the provisions of Art. 6 GDPR remain untouched. However, it is important to highlight the major relevance given to the user’s consent.