• Mehr als 3 Millionen Wörter Inhalt
  • |
  • info@itmedialaw.com
  • |
  • Tel: 03322 5078053
Rechtsanwalt Marian Härtel - ITMediaLaw

No products in the cart.

  • en English
  • de Deutsch
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Kurzberatung
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Rechtsanwalt Marian Härtel - ITMediaLaw

Archiving obligation or GDPR regulations?

12. November 2019
in Data protection Law
Reading Time: 3 mins read
0 0
A A
0
binder 532220 1280

GDPR vs. Archiving Obligations

Content Hide
1. GDPR vs. Archiving Obligations
2. What happened?
3. What is the problem?
4. So what?
5. The Data Protection Authority in Berlin
6. And now?
6.1. Author: Marian Härtel

In recent weeks, a new discussion has flared up around one of the numerous legal issues in the GDPR. As if the GDPR has not yet brought enough uncertainty and is therefore, as one might think, jeopardizing the fundamentally correct idea of improved data protection due to the frustration of companies, service providers, the self-employed and freelancers.

What happened?

This was triggered by the recent decision of the Berlin Commissioner for Data Protection and Freedom of Information against Deutsche Wohnen SE. The latter has issued a fine of around EUR 14.5 million for breaches of the GDPR. During on-the-spot audits in June 2017 and March 2019, the supervisory authority found that the company used an archive system for storing the personal data of tenants that did not provide for the possibility of using data that was no longer required. to remove it. Personal data of tenants have been stored without checking whether storage is permissible or even necessary. In individual cases examined, it was therefore partially time-old private data of affected tenants to be consulted, without these still serving the purpose of their original survey. This involved data on the tenants’ personal and financial circumstances, such as salary statements, self-disclosure forms, extracts from employment and training contracts, tax, social security and health insurance data and bank statements.

What is the problem?

Data protection experts are of the opinion that the authority has been sloppy in its legal recourse to “privacy by design” and has done data protection a disservice. Because now there is a fine, Deutsche Wohnen will take action against it, but other companies and data protection officers still do not know which tenant data should have been deleted at what time; and therefore cannot apply these findings to their own databases and perhaps do better.

So what?

In this case, it is about archiving processes. While this concerns applications from tenants in this case, the problems are applicable, but also to accounting processes, job applications, support requests, taxes, travel expense reports, holiday applications and thousands of other aspects. In many of these circumstances, there are again legal obligations for archiving and in many other aspects it is mandatory or at least relevant that the archiving is audit-proof so that changes can be tracked by controlling authorities. such as the tax offices. It is therefore the purpose of many archiving operations to prevent certain operations, and thus related documents or data, from being deleted or changed. Is that the case in each of those cases by Article 6(6) of the 1 sentence 1c GDPR, which allows data processing to fulfil legal obligations? This may be possible in many cases, but what about situations in which audit security is perhaps only sensible but not explicitly regulated by law?

The Data Protection Authority in Berlin

The data protection authority in Berlin has expressed its own opinion on this in its press release, and it will be very interesting to see whether it holds up in court.

Data cemeteries, as we found at Deutsche Wohnen SE, unfortunately meet us frequently in supervisory practice. Unfortunately, the explosiveness of such grievances is only clearly demonstrated to us when, for example, cyber-attacks have led to abusive access to the mass-hoarded data. Even without such serious consequences, however, we are dealing with a blatant breach of the principles of data protection, which are intended to protect those affected from such risks. It is gratifying that the general data protection regulation has introduced the possibility of sanctioning such structural deficiencies before the data GAU occurs. I recommend that all data processing bodies check their data archiving for compatibility with the GDPR.

  Even if cyber attacks are indeed relevant and everyone should take technical and organizational precautions against data theft, the fact that we are talking about data cemeteries is quite harsh. Many companies would probably even want to have to store less data for a few years and reduce certain tendencies towards excessive bureaucracy. Especially in the areas of tax law, social security law or employment law, you can quickly grow grey hair when you think about all the obligations that exist, which in turn are often only indirectly standardized or shaped by court rulings.

And now?

The fear is quite justified that in the coming years the dispute between data protection and bureaucracy, between cyber security and the legitimate interests of tax, customs and social security authorities, will be played out on the backs of the self-employed or SMEs. Whether this is of economic and data protection is open to question. In the worst-case scenario, the economy will have to pay even more for obligations and even more costs for improved software solutions. We can therefore look forward to seeing how this procedure proceeds.

Marian Härtel
Author: Marian Härtel

Marian Härtel ist Rechtsanwalt und Fachanwalt für IT-Recht mit einer über 25-jährigen Erfahrung als Unternehmer und Berater in den Bereichen Games, E-Sport, Blockchain, SaaS und Künstliche Intelligenz. Seine Beratungsschwerpunkte umfassen neben dem IT-Recht insbesondere das Urheberrecht, Medienrecht sowie Wettbewerbsrecht. Er betreut schwerpunktmäßig Start-ups, Agenturen und Influencer, die er in strategischen Fragen, komplexen Vertragsangelegenheiten sowie bei Investitionsprojekten begleitet. Dabei zeichnet sich seine Beratung durch einen interdisziplinären Ansatz aus, der juristische Expertise und langjährige unternehmerische Erfahrung miteinander verbindet. Ziel seiner Tätigkeit ist stets, Mandanten praxisorientierte Lösungen anzubieten und rechtlich fundierte Unterstützung bei der Umsetzung innovativer Geschäftsmodelle zu gewährleisten.

Tags: FreelancerGeneral Data Protection RegulationInformationJudgmentsLabour lawLegal issuesLegal questionPersonal dataPrivacyRegulationSanctionSicherheitSocial securitySoftwareVerträge

Weitere spannende Blogposts

Mobile games as a service commission – recover sales tax?

judge plays videogames in his spare time
7. November 2022

The sale of mobile games or even in-app sales of computer games via app stores constitutes a service commission under...

Read moreDetails

OLG Munich with warning verdict on checkout at online retailers

Attention: Vouchers to existing customers can be advertising!
31. January 2019

So i.m. reached a potentially relevant verdict of the OLG Munich, because although it is based on the checkout page...

Read moreDetails

ITMediaLaw no trademark infringement ;-)

International trademark application at WIPO
7. November 2022

As a lawyer, I mainly deal with issues of IT law and media law, advising startups, streamers, influencers and other...

Read moreDetails

LG Munich: Affiliate links must be sufficiently identified!

LG Munich: Affiliate links must be sufficiently identified!
29. July 2019

Important verdict Recently, the Higher Regional Court made a highly interesting ruling on the issue of labeling affiliate links (see...

Read moreDetails

15 common misconceptions about terminology in the startup sector

New info on the status of the State Media Treaty
13. August 2024

As a lawyer who advises many start-ups and young entrepreneurs, I often come across errors in the use of technical...

Read moreDetails

How clients benefit from my network of colleagues, partners and service providers

How clients benefit from my network of colleagues, partners and service providers
3. January 2023

How clients benefit from my network of colleagues, partners and service providers When I tell my clients about my network,...

Read moreDetails

Advice on setting up home office workstations

Advice on setting up home office workstations
7. November 2022

Home office workplaces are becoming increasingly popular and will also increase in the Federal Republic of Germany due to the...

Read moreDetails

Professionalize your own work as a freelancer?

Professionalize your own work as a freelancer?
7. November 2022

There are more and more freelancers in Germany, and as the general Corona hysteria continues to promote remote working, more...

Read moreDetails

Risks when using and offering no-code platforms as SaaS

Risks when using and offering no-code platforms as SaaS
10. July 2023

At first glance, the title of this blog post might seem like a winner in the contest for most anglicisms...

Read moreDetails
Electronic forms of contract conclusion in the software sector

Electronic forms of contract conclusion in the software sector

16. October 2024

In the digital world, various forms of electronic contract conclusion have developed, which are used in particular in the area...

Read moreDetails
boersengang ipo

Initial public offering (IPO)

29. March 2025
Key Man Clause

Key Man Clause

16. October 2024
Business valuation

Business valuation

27. June 2023
eff652d70b8b13586648bcc41c5a83f3

Profit and loss account (P&L)

10. November 2024

Podcast Folgen

c9c5d7fd380061a8018074c2ca5a81bf

Startups and innovation in Germany – challenges and opportunities

26. September 2024

This insightful podcast episode takes an in-depth look at the startup and innovation landscape in Germany and Europe. The discussion...

da884f9e2769f2f96d6b74255be62c27

The role of the IT lawyer

5. September 2024

In this exciting podcast episode, we delve into the fascinating world of IT start-ups and find out why an experienced...

9e9bbb286e0d24cb5ca04eccc9b0c902

Legal challenges of innovative business models

1. October 2024

In this captivating podcast episode, I dive deep into the world of legal challenges associated with innovative business models as...

d5ab3414c7c4a7a5040c3c3c60451c44

The metaverse – legal challenges in virtual worlds

26. September 2024

In this fascinating episode, we dive deep into the legal aspects of the metaverse. As a lawyer and tech enthusiast,...

  • Privacy policy
  • Imprint
  • Contact
  • About lawyer Marian Härtel
Marian Härtel, Rathenaustr. 58a, 14612 Falkensee, info@itmedialaw.com

Marian Härtel - Rechtsanwalt für IT-Recht, Medienrecht und Startups, mit einem Fokus auf innovative Geschäftsmodelle, Games, KI und Finanzierungsberatung.

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
  • en English
  • de Deutsch
Kostenlose Kurzberatung