Data Protection Consultation at KINAST

ePrivacy Directive

The EU privacy laws consist of the GDPR and the Electronic Privacy Directive (ePrivacy Directive) which is also known as the “EU cookie law”. The directive came into effect in 2002 and was amended in 2009. As a EU directive it mandates that each EU member state passes their own national laws in correspondence.

Top 5 Law Firm in Germany

ePrivacy Directive currently

Similar to the GDPR the ePrivacy Directive was created to harmonize the national protections of the fundamental rights and freedoms of individuals in the EU, in particular the right to privacy and confidentiality, as well as the free movement of data when using electronic communications.

The directive deals with the regulation of various issues when using electronic devices such as confidentiality of information, access and storage of information on users’ end devices, treatment of traffic data, cookies and spam. Among those other provisions, the ePrivacy Directive also requires websites to obtain consumer’s consent before placing cookies for marketing purposes.

What happens next?

An updated version of the ePrivacy Directive, considering especially new technologies, should have entered into force together with the GDPR in May 2018 and would have been called ePrivacy Regulation, however it is still not published by now.

After various draft versions were released in 2018 and 2019, it has been quiet for a couple of years. If and when a new draft will be published and when the regulation will come into force is currently unknown.

e-Privacy Directive

Do you need an External Data Protection Officer?

Five steps to compliance:

Introduction of your company and KINAST as well as the relevant contact persons. Discussion of the current data protection setup and most important data protection topics.

We conduct data protection audit on-site or based on questionnaires to evaluate the current data protection status of your company.

Document the current data protection status and define further required actions if necessary.

We carry out all necessary measures identified during the data protection audit.

Designation as External data protection officer and on-going consultation starting from day 1.

Our three point plan to data protection compliance

To guarantee a timely and cost effective execution of necessary data protection measurements, we’ve developed our own concept based on a three-point plan:

As a first step, we carry out a risk assessment in your company. We carry out the risk assessment either on-site or remotely. Based on the findings, we prepare a report that documents the degree of compliance with data protection standards. Furthermore, the report identifies any vulnerabilities, proposes suitable measures to remedy those vulnerabilities, defines responsibilities and sets a timetable for the implementation of these measures.

In a next step, we implement any measures which we identified within the framework of the risk assessment. Whereby great importance is attached to binding your internal resources as little as possible.

Finally, as an External DPO, we permanently support your company regarding all aspects of data protection. Therefore, we ensure an ongoing compliance with legal standards, the adaptation of procedures to the requirements of new laws and the consideration of current changes in internal processes.

Why choose KINAST Attorneys at Law for international data protection consultation


We are an experienced team of lawyers with many years of experience and knowledge in data protection law, data security and as DPOs.

Practical experience

Due to many years of practical experience we know companies "from the inside". In colloquial terms, you should be able to "live what we advise".

IT affinity

Regardless of existing or new IT systems, our attorneys have a profound technical understanding and advise you accordingly.

Cost transparency

We work on the basis of fixed hourly contingents, keeping pricing simple and managable.

Guaranteed legality

We are not only outstanding data protector officers, but also experienced lawyers.

Individual solutions

We do not work "off the peg", but offer tailor-made concepts, specifically for your business.

Efficient organisation und communication

Our soluitions lay high priority on open communication, transparent project management and defined goals.

Drafting of legal documents

We draft guidelines, work instructions, operating and service agreements, declarations of consent and commitment, lists of procedures and contracts on a daily business.

Personality and continuity

We do not provide you with just any resource, but with the right colleague for you – permanently and without unpleasant changes.

GDPR e-Privacy Directive
Data Protection Law - e-Privacy Directive
Data Protection Law - e-Privacy Directive
Data Protection

Do you need guidance with international data protection law?

Data protection law, especially on the international stage, can be a legal minefield. Our experienced lawyers and data protection officers are here to help. KINAST Attorneys at Law are specialised soley in data protection and we’ve been advising international groups and corporations since before GDPR laws came into effect. We guarantee that your company is in the safest hands.

So why not contact us today for a free, no obligation consultation?

Send this page to a colleague?


Ask us for a quote

Please provide our team with a few details about your company. This makes it easier for us to assign the correct expert for your needs

Let's talk

Simply leave your details here and one of our lawyers or data protection experts will get back to you as soon as possible.

Media enquiries

Simply leave your details here and one of our marketing team will get back to you soon.

Partnership enquiries

Simply leave your details here and one of our marketing team will get back to you soon.