• Mehr als 3 Millionen Wörter Inhalt
  • |
  • info@itmedialaw.com
  • |
  • Tel: 03322 5078053
Rechtsanwalt Marian Härtel - ITMediaLaw

No products in the cart.

  • en English
  • de Deutsch
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Kurzberatung
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Rechtsanwalt Marian Härtel - ITMediaLaw

Archiving obligation or GDPR regulations?

12. November 2019
in Data protection Law
Reading Time: 3 mins read
0 0
A A
0
binder 532220 1280

GDPR vs. Archiving Obligations

Content Hide
1. GDPR vs. Archiving Obligations
2. What happened?
3. What is the problem?
4. So what?
5. The Data Protection Authority in Berlin
6. And now?
6.1. Author: Marian Härtel

In recent weeks, a new discussion has flared up around one of the numerous legal issues in the GDPR. As if the GDPR has not yet brought enough uncertainty and is therefore, as one might think, jeopardizing the fundamentally correct idea of improved data protection due to the frustration of companies, service providers, the self-employed and freelancers.

What happened?

This was triggered by the recent decision of the Berlin Commissioner for Data Protection and Freedom of Information against Deutsche Wohnen SE. The latter has issued a fine of around EUR 14.5 million for breaches of the GDPR. During on-the-spot audits in June 2017 and March 2019, the supervisory authority found that the company used an archive system for storing the personal data of tenants that did not provide for the possibility of using data that was no longer required. to remove it. Personal data of tenants have been stored without checking whether storage is permissible or even necessary. In individual cases examined, it was therefore partially time-old private data of affected tenants to be consulted, without these still serving the purpose of their original survey. This involved data on the tenants’ personal and financial circumstances, such as salary statements, self-disclosure forms, extracts from employment and training contracts, tax, social security and health insurance data and bank statements.

What is the problem?

Data protection experts are of the opinion that the authority has been sloppy in its legal recourse to “privacy by design” and has done data protection a disservice. Because now there is a fine, Deutsche Wohnen will take action against it, but other companies and data protection officers still do not know which tenant data should have been deleted at what time; and therefore cannot apply these findings to their own databases and perhaps do better.

So what?

In this case, it is about archiving processes. While this concerns applications from tenants in this case, the problems are applicable, but also to accounting processes, job applications, support requests, taxes, travel expense reports, holiday applications and thousands of other aspects. In many of these circumstances, there are again legal obligations for archiving and in many other aspects it is mandatory or at least relevant that the archiving is audit-proof so that changes can be tracked by controlling authorities. such as the tax offices. It is therefore the purpose of many archiving operations to prevent certain operations, and thus related documents or data, from being deleted or changed. Is that the case in each of those cases by Article 6(6) of the 1 sentence 1c GDPR, which allows data processing to fulfil legal obligations? This may be possible in many cases, but what about situations in which audit security is perhaps only sensible but not explicitly regulated by law?

The Data Protection Authority in Berlin

The data protection authority in Berlin has expressed its own opinion on this in its press release, and it will be very interesting to see whether it holds up in court.

Data cemeteries, as we found at Deutsche Wohnen SE, unfortunately meet us frequently in supervisory practice. Unfortunately, the explosiveness of such grievances is only clearly demonstrated to us when, for example, cyber-attacks have led to abusive access to the mass-hoarded data. Even without such serious consequences, however, we are dealing with a blatant breach of the principles of data protection, which are intended to protect those affected from such risks. It is gratifying that the general data protection regulation has introduced the possibility of sanctioning such structural deficiencies before the data GAU occurs. I recommend that all data processing bodies check their data archiving for compatibility with the GDPR.

  Even if cyber attacks are indeed relevant and everyone should take technical and organizational precautions against data theft, the fact that we are talking about data cemeteries is quite harsh. Many companies would probably even want to have to store less data for a few years and reduce certain tendencies towards excessive bureaucracy. Especially in the areas of tax law, social security law or employment law, you can quickly grow grey hair when you think about all the obligations that exist, which in turn are often only indirectly standardized or shaped by court rulings.

And now?

The fear is quite justified that in the coming years the dispute between data protection and bureaucracy, between cyber security and the legitimate interests of tax, customs and social security authorities, will be played out on the backs of the self-employed or SMEs. Whether this is of economic and data protection is open to question. In the worst-case scenario, the economy will have to pay even more for obligations and even more costs for improved software solutions. We can therefore look forward to seeing how this procedure proceeds.

Marian Härtel
Author: Marian Härtel

Marian Härtel ist Rechtsanwalt und Fachanwalt für IT-Recht mit einer über 25-jährigen Erfahrung als Unternehmer und Berater in den Bereichen Games, E-Sport, Blockchain, SaaS und Künstliche Intelligenz. Seine Beratungsschwerpunkte umfassen neben dem IT-Recht insbesondere das Urheberrecht, Medienrecht sowie Wettbewerbsrecht. Er betreut schwerpunktmäßig Start-ups, Agenturen und Influencer, die er in strategischen Fragen, komplexen Vertragsangelegenheiten sowie bei Investitionsprojekten begleitet. Dabei zeichnet sich seine Beratung durch einen interdisziplinären Ansatz aus, der juristische Expertise und langjährige unternehmerische Erfahrung miteinander verbindet. Ziel seiner Tätigkeit ist stets, Mandanten praxisorientierte Lösungen anzubieten und rechtlich fundierte Unterstützung bei der Umsetzung innovativer Geschäftsmodelle zu gewährleisten.

Tags: FreelancerGeneral Data Protection RegulationInformationJudgmentsLabour lawLegal issuesLegal questionPersonal dataPrivacyRegulationSanctionSicherheitSocial securitySoftwareVerträge

Weitere spannende Blogposts

Setting cookies without consent is a violation of competition law

Already created a processing directory?
7. November 2022

In a decision dated October 29, 2020, the Regional Court of Cologne made an interesting decision on the subject of...

Read moreDetails

Public consultation on copyright reform

copyright
7. November 2022

The Federal Ministry of Justice and for Consumer Protection (BMJV) is conducting a public consultation on the implementation of the...

Read moreDetails

English version (of the homepage) complete

English version (of the homepage) complete
28. December 2022

I still have to tinker around for a while to fix some small bugs with the english version of the...

Read moreDetails

Manufacturer’s information when applying for electrical appliances

Manufacturer’s information when applying for electrical appliances
14. January 2019

In a judgment of the end of last year, the Landgericht Dortmund agreed with the unanimous case law of, for...

Read moreDetails

Invoice for fake order? BGH says: Is anti-competitive

Online shops: Attention to advertising with EIA
23. September 2019

The Federal Court of Justice has passed a judgment that could well have the potential to cause headaches for many...

Read moreDetails

Google Analytics 4: New clothes, but legally nothing changes?

Google Analytics 4: New clothes, but legally nothing changes?
27. June 2023

The introduction of Google Analytics 4 and data protection challenges Google recently announced that as of July 1, 2023, it...

Read moreDetails

Influencer Marketing and the Law in Italy

Frankfurt district court a.M. softens influencer jurisdiction
7. November 2022

The following article was originally written by Andrea Rizzi from www.insightlegal.it and will be published here in German and in...

Read moreDetails

OLG Cologne allows advertising without bottle deposit

OLG Cologne allows advertising without bottle deposit
7. November 2022

Competition association, which wanted to achieve this from two large retail chains, was now also defeated in the second instance...

Read moreDetails

LG Berlin: Multiple contracts require separate order buttons

LG Berlin: Multiple contracts require separate order buttons
3. June 2023

Introduction and explanation of the button solution The convenience of online shopping has undoubtedly revolutionized our buying habits. With just...

Read moreDetails
Cybermobbing

Cybermobbing

15. October 2024

Cybermobbing, auch als Cyberbullying bekannt, bezeichnet das absichtliche Beleidigen, Bedrohen, Bloßstellen oder Belästigen von Personen mithilfe moderner Kommunikationsmittel, meist über...

Read moreDetails
eff652d70b8b13586648bcc41c5a83f3

Trade Tax Act (GewStG):

9. November 2024
E-Geld

E-Geld

27. June 2023
Wettbewerbsrecht

Unterlassungserklärung

24. June 2023
dora

DORA

28. June 2023

Podcast Folgen

d00527fd01b1f807a4f80c0f202069e7

Legal basics for startup founders – how to start on the safe side!

9. November 2024

In this episode of the Itmedialaw podcast, lawyer and entrepreneur Marian Härtel takes you on a journey through the legal...

Legal challenges in the gaming universe: A guide for developers, esports professionals and gamers

What will 2025 bring for start-ups in legal terms? Opportunities? Risks?

24. January 2025

In this exciting episode of the itmedialaw podcast, we take a deep dive into the legal developments that will shape...

43a60cb39d7ea477ac8f3845c1b7739c

Legal advice for start-ups – investments that pay off

8. December 2024

This episode of the ITmedialaw.com podcast is all about the importance of legal advice for startups. Host Marian Härtel talks...

8ffe8f2a4228de20d20238899b3d922e

Web3, blockchain and law – a critical review

26. September 2024

  In this insightful episode of the ITmedialaw podcast, we take an in-depth look at the intersection of Web3, blockchain...

  • Privacy policy
  • Imprint
  • Contact
  • About lawyer Marian Härtel
Marian Härtel, Rathenaustr. 58a, 14612 Falkensee, info@itmedialaw.com

Marian Härtel - Rechtsanwalt für IT-Recht, Medienrecht und Startups, mit einem Fokus auf innovative Geschäftsmodelle, Games, KI und Finanzierungsberatung.

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
  • en English
  • de Deutsch
Kostenlose Kurzberatung