• Mehr als 3 Millionen Wörter Inhalt
  • |
  • info@itmedialaw.com
  • |
  • Tel: 03322 5078053
Rechtsanwalt Marian Härtel - ITMediaLaw

No products in the cart.

  • en English
  • de Deutsch
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Kurzberatung
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Rechtsanwalt Marian Härtel - ITMediaLaw

Data protection impact assessment: What is it?

29. November 2019
in Data protection Law
Reading Time: 2 mins read
0 0
A A
0
hacker 4031973 1280
Key Facts
  • Introduction of the GDPR brought numerous innovations and the data protection impact assessment.
  • Processing directory is required for individuals, self-employed persons and entrepreneurs with personal data.
  • Art. 35 GDPR regulates the data protection impact assessment in the event of a high risk to the rights of natural persons.
  • Written documentation is required if an impact assessment is carried out or not carried out.
  • Online stores should consider a data protection impact assessment when creating customer profiles.
  • An impact assessment is not a one-off process; it must be reviewed regularly.
  • It serves as an instrument for improving data protection processes and IT security.

With the introduction of the GDPR last year, there were numerous innovations and renaming of methods or renames. One of these is likely to be the data protection impact assessment.

While most people have heard about a privacy policy and that such a, more or less meaningful, must be incorporated into their own website, it usually stops with other instruments. For example, very few people know that as a person, self-employed person or entrepreneur who processes personal data, you must create a processing directory (see this article).

The same should apply to a data protection impact assessment, which is regulated by Article 35 GDPR.

If a form of processing, in particular when using new technologies, is likely to result in a high risk to the rights and freedoms of natural persons due to the nature, scope, context and purposes of the processing, the controller shall carry out an assessment of the impact of the envisaged processing operations on the protection of personal data beforehand.

But who must carry out such a data protection impact assessment? Well, the relevant case is likely to be when there is a systematic and comprehensive assessment of personal aspects relating to natural persons, which is based on automated processing, including profiling, and which in turn serves as the basis for decisions that produce legal effects concerning natural persons or similarly significantly affect them.

A positive list of the types of data processing operations concerned can be found in this document. But beware: this is not a final list.

It is up to each person to decide for himself whether the prerequisites are in place. However, in the opinion of the Data Protection Commission, the decision to carry out or not carry out an impact assessment, stating the relevant reasons for the specific processing operation, must be documented in writing.

For typical online shops, etc., processing processes such as the creation of comprehensive profiles about the movement and purchasing behaviour of affected persons are probably the most relevant. These could arise when recording the purchasing behavior of different groups of people for profiling and customer loyalty with the help of prices, discounts and rebates .

Using WooCommerce or Shopify as plugins that analyze customers’ buying behavior and statistically evaluate and evaluate the success of discount promotions, such as Black Friday sales, a data protection impact assessment may be necessary.

Incidentally, a data protection impact assessment is not a one-off process. If, for example, new risks arise, the assessment of already identified risks changes or if there are material changes in the procedure that have not been taken into account in the previous data protection impact assessment, the data protection impact assessment shall be check and adapt.

The data protection impact assessment is therefore in little something of an instrument to simply think about one’s own data protection processes and to include things such as IT security, amount of data, deletions, archiving, access rights and much more. little to worry about. There are a few more tips in this short paper.

 

 

Marian Härtel
Author: Marian Härtel

Marian Härtel ist Rechtsanwalt und Fachanwalt für IT-Recht mit einer über 25-jährigen Erfahrung als Unternehmer und Berater in den Bereichen Games, E-Sport, Blockchain, SaaS und Künstliche Intelligenz. Seine Beratungsschwerpunkte umfassen neben dem IT-Recht insbesondere das Urheberrecht, Medienrecht sowie Wettbewerbsrecht. Er betreut schwerpunktmäßig Start-ups, Agenturen und Influencer, die er in strategischen Fragen, komplexen Vertragsangelegenheiten sowie bei Investitionsprojekten begleitet. Dabei zeichnet sich seine Beratung durch einen interdisziplinären Ansatz aus, der juristische Expertise und langjährige unternehmerische Erfahrung miteinander verbindet. Ziel seiner Tätigkeit ist stets, Mandanten praxisorientierte Lösungen anzubieten und rechtlich fundierte Unterstützung bei der Umsetzung innovativer Geschäftsmodelle zu gewährleisten.

Tags: DiscountEntscheidungenPrivacySicherheitTest

Weitere spannende Blogposts

IGD waives claims arising from data protection

abmahnung
7. November 2022

Actually, the topic IGD Interessengemeinschaft Datenschutz e.V. has already been dealt with sufficiently. I have reported on this here and...

Read moreDetails

Fiverr & sales tax: Is there a performance commission?

Fiverr & sales tax: Is there a performance commission?
7. November 2022

The topic of Upwork and Fiverr is one of the most popular topics on my blog. Uncertainty seems to be...

Read moreDetails

Obsolete CMS does not lead to fault liability

copyright
20. February 2019

The issue of disruptive liability often makes lawyers frighten enough, because it is a very German legal construct that has...

Read moreDetails

Geoblocking Regulation: Apps and the like?

Geoblocking Ordinance: Attention Warning Trap
7. November 2022

Does the geoblocking regulation I reported on here actually apply to apps and/or computer games? And if so, under what...

Read moreDetails

Preparing for Brexit?

Preparing for Brexit?
10. October 2019

Even if you never know for sure, it looks as if the UK will leave the European Union on 1...

Read moreDetails

OLG Cologne: Cloudflare liable as perpetrator

OLG Cologne: Cloudflare liable as perpetrator
9. November 2023

Introduction In a landmark decision, the Cologne Higher Regional Court has recalibrated the liability of service providers in the area...

Read moreDetails

Can Unity’s new runtime fee even be implemented in Europe under data protection law?

District Court Frankfurt a.M. on the right to be forgotten
15. September 2023

Introduction Unity is one of the most popular game development platforms in the world and has recently introduced a new...

Read moreDetails

Job offer: Trainee lawyer or student wanted for editorial work

Job offer: Trainee lawyer or student wanted for editorial work
7. November 2022

Dear readers, I am currently looking for a trainee lawyer or a student who is interested in IT law and...

Read moreDetails

NXT_APRIL Foundation Booster #2 – “Legal basics”

NXT_APRIL Foundation Booster #2 – “Legal basics”
17. May 2024

Dear Readers,Tomorrow, on April 18, 2024, I have the honor of speaking at the NXT_APRIL Start-up Booster #2 - "Legal...

Read moreDetails

Interstate Treaty on the Protection of Minors in the Media (JMStV)

26. June 2023

The Interstate Treaty on the Protection of Minors in the Media (Jugendmedienschutz-Staatsvertrag, JMStV) is an important set of regulations in...

Read moreDetails
Landgericht Köln hält Online-Vertragsgenerator für rechtswidrig

Leasingvertrag

10. November 2024
78796090 e9c2 4e54 b4a5 f0f30ed70116 20396729

Anscheinsvollmacht

29. March 2025
Age verification systems (AVS)

Age verification systems (AVS)

16. October 2024

Management Buy-out Vertrag (MBO)

10. November 2024

Podcast Folgen

Rechtliche Herausforderungen im Gaming-Universum: Ein Leitfaden für Entwickler, Esportler und Gamer

Was wird 2025 für Startups juristisch bringen? Chancen? Risiken?

24. January 2025

In dieser spannenden Episode des itmedialaw-Podcasts tauchen wir tief in die rechtlichen Entwicklungen ein, die die Startup-Welt im Jahr 2025...

Influencer und Gaming: Rechtliche Herausforderungen in der digitalen Unterhaltungswelt

Influencer und Gaming: Rechtliche Herausforderungen in der digitalen Unterhaltungswelt

25. September 2024

In dieser fesselnden Folge nimmt Rechtsanwalt Marian Härtel die Zuhörer mit auf eine spannende Reise durch die dynamische Welt der...

8315f1ef298eb54dfeed2f5e55c8b9da 1

Erste Testfolge des ITMediaLaw Podcast

26. August 2024

Erste TestfolgeLiebe Leserinnen und Leser,ich freue mich, heute den ersten Testlauf unseres brandneuen IT Media Law Podcasts zu präsentieren! In diesem Podcast...

Digitale Souveränität: Europas Weg in eine selbstbestimmte digitale Zukunft

Digitale Souveränität: Europas Weg in eine selbstbestimmte digitale Zukunft

12. November 2024

In dieser spannenden Episode des itmedialaw.com Podcasts tauchen wir tief in das hochaktuelle Thema der digitalen Souveränität ein. Vor dem...

  • Privacy policy
  • Imprint
  • Contact
  • About lawyer Marian Härtel
Marian Härtel, Rathenaustr. 58a, 14612 Falkensee, info@itmedialaw.com

Marian Härtel - Rechtsanwalt für IT-Recht, Medienrecht und Startups, mit einem Fokus auf innovative Geschäftsmodelle, Games, KI und Finanzierungsberatung.

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
  • en English
  • de Deutsch
Kostenlose Kurzberatung