• Mehr als 3 Millionen Wörter Inhalt
  • |
  • info@itmedialaw.com
  • |
  • Tel: 03322 5078053
Rechtsanwalt Marian Härtel - ITMediaLaw

No products in the cart.

  • en English
  • de Deutsch
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Kurzberatung
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Rechtsanwalt Marian Härtel - ITMediaLaw

Data protection impact assessment: What is it?

29. November 2019
in Data protection Law
Reading Time: 2 mins read
0 0
A A
0
hacker 4031973 1280
Key Facts
  • Introduction of the GDPR brought numerous innovations and the data protection impact assessment.
  • Processing directory is required for individuals, self-employed persons and entrepreneurs with personal data.
  • Art. 35 GDPR regulates the data protection impact assessment in the event of a high risk to the rights of natural persons.
  • Written documentation is required if an impact assessment is carried out or not carried out.
  • Online stores should consider a data protection impact assessment when creating customer profiles.
  • An impact assessment is not a one-off process; it must be reviewed regularly.
  • It serves as an instrument for improving data protection processes and IT security.

With the introduction of the GDPR last year, there were numerous innovations and renaming of methods or renames. One of these is likely to be the data protection impact assessment.

While most people have heard about a privacy policy and that such a, more or less meaningful, must be incorporated into their own website, it usually stops with other instruments. For example, very few people know that as a person, self-employed person or entrepreneur who processes personal data, you must create a processing directory (see this article).

The same should apply to a data protection impact assessment, which is regulated by Article 35 GDPR.

If a form of processing, in particular when using new technologies, is likely to result in a high risk to the rights and freedoms of natural persons due to the nature, scope, context and purposes of the processing, the controller shall carry out an assessment of the impact of the envisaged processing operations on the protection of personal data beforehand.

But who must carry out such a data protection impact assessment? Well, the relevant case is likely to be when there is a systematic and comprehensive assessment of personal aspects relating to natural persons, which is based on automated processing, including profiling, and which in turn serves as the basis for decisions that produce legal effects concerning natural persons or similarly significantly affect them.

A positive list of the types of data processing operations concerned can be found in this document. But beware: this is not a final list.

It is up to each person to decide for himself whether the prerequisites are in place. However, in the opinion of the Data Protection Commission, the decision to carry out or not carry out an impact assessment, stating the relevant reasons for the specific processing operation, must be documented in writing.

For typical online shops, etc., processing processes such as the creation of comprehensive profiles about the movement and purchasing behaviour of affected persons are probably the most relevant. These could arise when recording the purchasing behavior of different groups of people for profiling and customer loyalty with the help of prices, discounts and rebates .

Using WooCommerce or Shopify as plugins that analyze customers’ buying behavior and statistically evaluate and evaluate the success of discount promotions, such as Black Friday sales, a data protection impact assessment may be necessary.

Incidentally, a data protection impact assessment is not a one-off process. If, for example, new risks arise, the assessment of already identified risks changes or if there are material changes in the procedure that have not been taken into account in the previous data protection impact assessment, the data protection impact assessment shall be check and adapt.

The data protection impact assessment is therefore in little something of an instrument to simply think about one’s own data protection processes and to include things such as IT security, amount of data, deletions, archiving, access rights and much more. little to worry about. There are a few more tips in this short paper.

 

 

Marian Härtel
Author: Marian Härtel

Marian Härtel ist Rechtsanwalt und Fachanwalt für IT-Recht mit einer über 25-jährigen Erfahrung als Unternehmer und Berater in den Bereichen Games, E-Sport, Blockchain, SaaS und Künstliche Intelligenz. Seine Beratungsschwerpunkte umfassen neben dem IT-Recht insbesondere das Urheberrecht, Medienrecht sowie Wettbewerbsrecht. Er betreut schwerpunktmäßig Start-ups, Agenturen und Influencer, die er in strategischen Fragen, komplexen Vertragsangelegenheiten sowie bei Investitionsprojekten begleitet. Dabei zeichnet sich seine Beratung durch einen interdisziplinären Ansatz aus, der juristische Expertise und langjährige unternehmerische Erfahrung miteinander verbindet. Ziel seiner Tätigkeit ist stets, Mandanten praxisorientierte Lösungen anzubieten und rechtlich fundierte Unterstützung bei der Umsetzung innovativer Geschäftsmodelle zu gewährleisten.

Tags: DiscountEntscheidungenPrivacySicherheitTest

Weitere spannende Blogposts

ECJ overturns Privacy Shield: review contracts!

District Court Frankfurt a.M. on the right to be forgotten
7. November 2022

The General Data Protection Regulation(GDPR) stipulates that personal data may in principle only be transferred to a third country if...

Read moreDetails

Advocate General at the ECJ on the admissibility of cheat software

Lego brick still protected as a design patent
14. June 2024

Advocate General at the ECJ on the admissibility of cheat software For many years, I had the opportunity to accompany...

Read moreDetails

Legally compliant contract design for the gig economy

Sole proprietor / sole proprietorship
10. October 2024

The gig economy has experienced an enormous boom in recent years and is increasingly shaping the modern working world. Start-ups...

Read moreDetails

Legal consequence for failure to perform a utility token?

What are Security Tokens and what are Utility Tokens?
19. January 2023

What are utility tokens? Utility tokens are one of the most common variants among blockchain providers. They are intended to...

Read moreDetails

“Invested” in tokens and nothing happened? Get money back?

“Invested” in tokens and nothing happened? Get money back?
17. January 2023

Currently, there are very many projects in the field of blockchain, tokens and coins and the potential "investment opportunities" are...

Read moreDetails

The limits of German jurisdiction in B2B claims against US social media services

The limits of German jurisdiction in B2B claims against US social media services
8. January 2024

In an exciting ruling, the Regional Court of Lübeck decided that German courts do not have jurisdiction over contractual disputes...

Read moreDetails

The Darknet is not illegal!

Abusive warnings are punishable by law
7. November 2022

I don't have much to do with criminal law, except at the time of the state exam. That's why I...

Read moreDetails

Federal Cartel Office v. Facebook: Full text

LG Munich: Data protection consent on dating platform
7. November 2022

The Bundeskartellamt's decision against Facebook garnered some criticism, which begins with the question of the Bundeskartellamt's jurisdiction. But also elementary...

Read moreDetails

AI & Copyright: An Analysis

AI & Copyright: An Analysis
10. December 2022

AI & copyright is a new and important topic that worries many people. It is important to understand this issue...

Read moreDetails
fef58753 0e7b 493e 806b 4e8636913fce 202010382

Cybersquatting

29. March 2025

Definition and typical manifestations of cybersquatting Cybersquatting describes the unauthorized registration or use of Internet domains that contain protected third-party...

Read moreDetails
Telecommunications Telemedia Data Protection Act (TTDSG)

Telecommunications Telemedia Data Protection Act (TTDSG)

27. June 2023
IT Security Act (ITSiG)

IT Security Act (ITSiG)

16. October 2024
61a01a367632ed8b3400a0df83432980

Guarantee

10. November 2024
e0c1c4f3 5ebb 4781 ae38 575fa47f2696 202348477

Negligence

29. March 2025

Podcast Folgen

238a909c26a0302cbd4792cbd18e4922

Global challenges for start-ups – A legal guide

10. October 2024

This informative podcast offers a comprehensive insight into the legal challenges faced by start-ups when expanding internationally. The experienced lawyer...

Legal challenges in the gaming universe: A guide for developers, esports professionals and gamers

What will 2025 bring for start-ups in legal terms? Opportunities? Risks?

24. January 2025

In this exciting episode of the itmedialaw podcast, we take a deep dive into the legal developments that will shape...

43a60cb39d7ea477ac8f3845c1b7739c

Legal advice for start-ups – investments that pay off

8. December 2024

This episode of the ITmedialaw.com podcast is all about the importance of legal advice for startups. Host Marian Härtel talks...

247f58c28882e230e982fa3a32d34dea

Digital sovereignty: Europe’s path to a self-determined digital future

8. December 2024

In this exciting episode of the itmedialaw.com podcast, we take a deep dive into the highly topical subject of digital...

  • Privacy policy
  • Imprint
  • Contact
  • About lawyer Marian Härtel
Marian Härtel, Rathenaustr. 58a, 14612 Falkensee, info@itmedialaw.com

Marian Härtel - Rechtsanwalt für IT-Recht, Medienrecht und Startups, mit einem Fokus auf innovative Geschäftsmodelle, Games, KI und Finanzierungsberatung.

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
  • en English
  • de Deutsch
Kostenlose Kurzberatung