• Mehr als 3 Millionen Wörter Inhalt
  • |
  • info@itmedialaw.com
  • |
  • Tel: 03322 5078053
Rechtsanwalt Marian Härtel - ITMediaLaw

No products in the cart.

  • en English
  • de Deutsch
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Kurzberatung
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Rechtsanwalt Marian Härtel - ITMediaLaw

Archiving obligation or GDPR regulations?

12. November 2019
in Data protection Law
Reading Time: 3 mins read
0 0
A A
0
binder 532220 1280

GDPR vs. Archiving Obligations

Content Hide
1. GDPR vs. Archiving Obligations
2. What happened?
3. What is the problem?
4. So what?
5. The Data Protection Authority in Berlin
6. And now?
6.1. Author: Marian Härtel

In recent weeks, a new discussion has flared up around one of the numerous legal issues in the GDPR. As if the GDPR has not yet brought enough uncertainty and is therefore, as one might think, jeopardizing the fundamentally correct idea of improved data protection due to the frustration of companies, service providers, the self-employed and freelancers.

What happened?

This was triggered by the recent decision of the Berlin Commissioner for Data Protection and Freedom of Information against Deutsche Wohnen SE. The latter has issued a fine of around EUR 14.5 million for breaches of the GDPR. During on-the-spot audits in June 2017 and March 2019, the supervisory authority found that the company used an archive system for storing the personal data of tenants that did not provide for the possibility of using data that was no longer required. to remove it. Personal data of tenants have been stored without checking whether storage is permissible or even necessary. In individual cases examined, it was therefore partially time-old private data of affected tenants to be consulted, without these still serving the purpose of their original survey. This involved data on the tenants’ personal and financial circumstances, such as salary statements, self-disclosure forms, extracts from employment and training contracts, tax, social security and health insurance data and bank statements.

What is the problem?

Data protection experts are of the opinion that the authority has been sloppy in its legal recourse to “privacy by design” and has done data protection a disservice. Because now there is a fine, Deutsche Wohnen will take action against it, but other companies and data protection officers still do not know which tenant data should have been deleted at what time; and therefore cannot apply these findings to their own databases and perhaps do better.

So what?

In this case, it is about archiving processes. While this concerns applications from tenants in this case, the problems are applicable, but also to accounting processes, job applications, support requests, taxes, travel expense reports, holiday applications and thousands of other aspects. In many of these circumstances, there are again legal obligations for archiving and in many other aspects it is mandatory or at least relevant that the archiving is audit-proof so that changes can be tracked by controlling authorities. such as the tax offices. It is therefore the purpose of many archiving operations to prevent certain operations, and thus related documents or data, from being deleted or changed. Is that the case in each of those cases by Article 6(6) of the 1 sentence 1c GDPR, which allows data processing to fulfil legal obligations? This may be possible in many cases, but what about situations in which audit security is perhaps only sensible but not explicitly regulated by law?

The Data Protection Authority in Berlin

The data protection authority in Berlin has expressed its own opinion on this in its press release, and it will be very interesting to see whether it holds up in court.

Data cemeteries, as we found at Deutsche Wohnen SE, unfortunately meet us frequently in supervisory practice. Unfortunately, the explosiveness of such grievances is only clearly demonstrated to us when, for example, cyber-attacks have led to abusive access to the mass-hoarded data. Even without such serious consequences, however, we are dealing with a blatant breach of the principles of data protection, which are intended to protect those affected from such risks. It is gratifying that the general data protection regulation has introduced the possibility of sanctioning such structural deficiencies before the data GAU occurs. I recommend that all data processing bodies check their data archiving for compatibility with the GDPR.

  Even if cyber attacks are indeed relevant and everyone should take technical and organizational precautions against data theft, the fact that we are talking about data cemeteries is quite harsh. Many companies would probably even want to have to store less data for a few years and reduce certain tendencies towards excessive bureaucracy. Especially in the areas of tax law, social security law or employment law, you can quickly grow grey hair when you think about all the obligations that exist, which in turn are often only indirectly standardized or shaped by court rulings.

And now?

The fear is quite justified that in the coming years the dispute between data protection and bureaucracy, between cyber security and the legitimate interests of tax, customs and social security authorities, will be played out on the backs of the self-employed or SMEs. Whether this is of economic and data protection is open to question. In the worst-case scenario, the economy will have to pay even more for obligations and even more costs for improved software solutions. We can therefore look forward to seeing how this procedure proceeds.

Marian Härtel
Author: Marian Härtel

Marian Härtel ist Rechtsanwalt und Fachanwalt für IT-Recht mit einer über 25-jährigen Erfahrung als Unternehmer und Berater in den Bereichen Games, E-Sport, Blockchain, SaaS und Künstliche Intelligenz. Seine Beratungsschwerpunkte umfassen neben dem IT-Recht insbesondere das Urheberrecht, Medienrecht sowie Wettbewerbsrecht. Er betreut schwerpunktmäßig Start-ups, Agenturen und Influencer, die er in strategischen Fragen, komplexen Vertragsangelegenheiten sowie bei Investitionsprojekten begleitet. Dabei zeichnet sich seine Beratung durch einen interdisziplinären Ansatz aus, der juristische Expertise und langjährige unternehmerische Erfahrung miteinander verbindet. Ziel seiner Tätigkeit ist stets, Mandanten praxisorientierte Lösungen anzubieten und rechtlich fundierte Unterstützung bei der Umsetzung innovativer Geschäftsmodelle zu gewährleisten.

Tags: FreelancerGeneral Data Protection RegulationInformationJudgmentsLabour lawLegal issuesLegal questionPersonal dataPrivacyRegulationSanctionSicherheitSocial securitySoftwareVerträge

Weitere spannende Blogposts

Better not send dickpicks via social media!

Better not send dickpicks via social media!
7. November 2022

Many of my blog posts are inspired by social media posts, questions from clients, and the like. Today this includes...

Read moreDetails

ECJ tightens requirements for GDPR disclosures

Data protection: “Targeted advertising” through “legitimate interest” at the end? EDPB vs. meta
19. January 2023

The European Court of Justice (ECJ) has ruled that data controllers must, in principle, disclose the identity of the recipients...

Read moreDetails

BGH decides on premature termination of Ebay auction

Small summary – Blizzard vs. Bossland
23. February 2023

Yesterday, the Federal Court of Justice (BGH) issued a decision on the conditions under which the seller may cancel the...

Read moreDetails

NXT_APRIL Foundation Booster #2 – “Legal basics”

NXT_APRIL Foundation Booster #2 – “Legal basics”
17. May 2024

Dear Readers,Tomorrow, on April 18, 2024, I have the honor of speaking at the NXT_APRIL Start-up Booster #2 - "Legal...

Read moreDetails

LinkedIn InMails: Between network maintenance and spam – limits, conditions and legal aspects

LinkedIn InMails: Between network maintenance and spam – limits, conditions and legal aspects
24. May 2023

LinkedIn InMail - A great tool for business communication As someone who is regularly on LinkedIn, I know how valuable...

Read moreDetails

BGH on time limits and costs and closing letters for preliminary injunctions.

BGH considers Uber Black to be anti-competitive
26. May 2023

Introduction The landscape of German law is constantly in flux, characterized by ongoing adjustments and clarifications. A central role in...

Read moreDetails

Cologne District Court considers online contract generator to be illegal

Cologne District Court considers online contract generator to be illegal
15. October 2019

On 08.10.2019, the Regional Court of Cologne (file number 33 O 35/19) issued a landmark ruling for the assessment of...

Read moreDetails

Is the flying jurisdiction dead after all?

Countdown/threat via Instagram = bear police costs
7. November 2022

A few days ago, I reported that the Düsseldorf Regional Court kept the flying jurisdiction for legal issues on YouTube...

Read moreDetails

BGH submits definition of “immaterial damage” under GDPR to ECJ

BGH submits definition of “immaterial damage” under GDPR to ECJ
10. November 2023

The VI. Civil Senate of the Federal Court of Justice referred questions to the Court of Justice of the European...

Read moreDetails
Convertible loans in startup financing: legal considerations and current developments

Crowdfunding

25. June 2023

Crowdfunding is an increasingly popular method of financing projects, start-ups and various initiatives in the Federal Republic of Germany. In...

Read moreDetails
dora

DORA

28. June 2023
elektronisches wertpapiergesetz ewpg

Electronic Securities Register Ordinance – eWpRV

28. June 2023
Trade Regulation Act (GewO)

Condiction

1. July 2023
SAFE (Simple Agreement for Future Equity)

SAFE (Simple Agreement for Future Equity)

16. October 2024

Podcast Folgen

d5ab3414c7c4a7a5040c3c3c60451c44

The metaverse – legal challenges in virtual worlds

26. September 2024

In this fascinating episode, we dive deep into the legal aspects of the metaverse. As a lawyer and tech enthusiast,...

AI in law: opportunities, risks and regulation – the IT Media Law Podcast Episode 3

AI in law: opportunities, risks and regulation – the IT Media Law Podcast Episode 3

24. September 2024

Welcome to the third episode of our podcast "IT Media Law"! In this episode, we delve into the fascinating world...

Legal challenges in the gaming universe: A guide for developers, esports professionals and gamers

What will 2025 bring for start-ups in legal terms? Opportunities? Risks?

24. January 2025

In this exciting episode of the itmedialaw podcast, we take a deep dive into the legal developments that will shape...

238a909c26a0302cbd4792cbd18e4922

Global challenges for start-ups – A legal guide

10. October 2024

This informative podcast offers a comprehensive insight into the legal challenges faced by start-ups when expanding internationally. The experienced lawyer...

  • Privacy policy
  • Imprint
  • Contact
  • About lawyer Marian Härtel
Marian Härtel, Rathenaustr. 58a, 14612 Falkensee, info@itmedialaw.com

Marian Härtel - Rechtsanwalt für IT-Recht, Medienrecht und Startups, mit einem Fokus auf innovative Geschäftsmodelle, Games, KI und Finanzierungsberatung.

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
  • en English
  • de Deutsch
Kostenlose Kurzberatung