• Mehr als 3 Millionen Wörter Inhalt
  • |
  • info@itmedialaw.com
  • |
  • Tel: 03322 5078053
Rechtsanwalt Marian Härtel - ITMediaLaw

No products in the cart.

  • en English
  • de Deutsch
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Kurzberatung
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Rechtsanwalt Marian Härtel - ITMediaLaw

Data protection impact assessment: What is it?

29. November 2019
in Data protection Law
Reading Time: 2 mins read
0 0
A A
0
hacker 4031973 1280
Key Facts
  • Introduction of the GDPR brought numerous innovations and the data protection impact assessment.
  • Processing directory is required for individuals, self-employed persons and entrepreneurs with personal data.
  • Art. 35 GDPR regulates the data protection impact assessment in the event of a high risk to the rights of natural persons.
  • Written documentation is required if an impact assessment is carried out or not carried out.
  • Online stores should consider a data protection impact assessment when creating customer profiles.
  • An impact assessment is not a one-off process; it must be reviewed regularly.
  • It serves as an instrument for improving data protection processes and IT security.

With the introduction of the GDPR last year, there were numerous innovations and renaming of methods or renames. One of these is likely to be the data protection impact assessment.

While most people have heard about a privacy policy and that such a, more or less meaningful, must be incorporated into their own website, it usually stops with other instruments. For example, very few people know that as a person, self-employed person or entrepreneur who processes personal data, you must create a processing directory (see this article).

The same should apply to a data protection impact assessment, which is regulated by Article 35 GDPR.

If a form of processing, in particular when using new technologies, is likely to result in a high risk to the rights and freedoms of natural persons due to the nature, scope, context and purposes of the processing, the controller shall carry out an assessment of the impact of the envisaged processing operations on the protection of personal data beforehand.

But who must carry out such a data protection impact assessment? Well, the relevant case is likely to be when there is a systematic and comprehensive assessment of personal aspects relating to natural persons, which is based on automated processing, including profiling, and which in turn serves as the basis for decisions that produce legal effects concerning natural persons or similarly significantly affect them.

A positive list of the types of data processing operations concerned can be found in this document. But beware: this is not a final list.

It is up to each person to decide for himself whether the prerequisites are in place. However, in the opinion of the Data Protection Commission, the decision to carry out or not carry out an impact assessment, stating the relevant reasons for the specific processing operation, must be documented in writing.

For typical online shops, etc., processing processes such as the creation of comprehensive profiles about the movement and purchasing behaviour of affected persons are probably the most relevant. These could arise when recording the purchasing behavior of different groups of people for profiling and customer loyalty with the help of prices, discounts and rebates .

Using WooCommerce or Shopify as plugins that analyze customers’ buying behavior and statistically evaluate and evaluate the success of discount promotions, such as Black Friday sales, a data protection impact assessment may be necessary.

Incidentally, a data protection impact assessment is not a one-off process. If, for example, new risks arise, the assessment of already identified risks changes or if there are material changes in the procedure that have not been taken into account in the previous data protection impact assessment, the data protection impact assessment shall be check and adapt.

The data protection impact assessment is therefore in little something of an instrument to simply think about one’s own data protection processes and to include things such as IT security, amount of data, deletions, archiving, access rights and much more. little to worry about. There are a few more tips in this short paper.

 

 

Marian Härtel
Author: Marian Härtel

Marian Härtel ist Rechtsanwalt und Fachanwalt für IT-Recht mit einer über 25-jährigen Erfahrung als Unternehmer und Berater in den Bereichen Games, E-Sport, Blockchain, SaaS und Künstliche Intelligenz. Seine Beratungsschwerpunkte umfassen neben dem IT-Recht insbesondere das Urheberrecht, Medienrecht sowie Wettbewerbsrecht. Er betreut schwerpunktmäßig Start-ups, Agenturen und Influencer, die er in strategischen Fragen, komplexen Vertragsangelegenheiten sowie bei Investitionsprojekten begleitet. Dabei zeichnet sich seine Beratung durch einen interdisziplinären Ansatz aus, der juristische Expertise und langjährige unternehmerische Erfahrung miteinander verbindet. Ziel seiner Tätigkeit ist stets, Mandanten praxisorientierte Lösungen anzubieten und rechtlich fundierte Unterstützung bei der Umsetzung innovativer Geschäftsmodelle zu gewährleisten.

Tags: DiscountEntscheidungenPrivacySicherheitTest

Weitere spannende Blogposts

Online shops: Attention to advertising with EIA

Online shops: Attention to advertising with EIA
17. December 2018

For years I have worked with H&H Games Consulting GmbH, or now Esports Consulting GmbH, also in the field of...

Read moreDetails

Data protection: UK soon to be an insecure third country?

LG Munich: Data protection consent on dating platform
7. November 2022

Brexit is likely to keep lawyers, authorities and courts busy for a long time to come. Just recently in this...

Read moreDetails

Copyright in the digital world: What’s next for AI image generators?

Copyright in the digital world: What’s next for AI image generators?
17. January 2023

Introduction The use of AI image generators has become an increasingly important factor in copyright law in recent years. This...

Read moreDetails

Data protection in the digital age: Landmark ruling by Cologne Regional Court on the use of Google Analytics

Data protection in the digital age: Landmark ruling by Cologne Regional Court on the use of Google Analytics
11. May 2023

Introduction: An expected verdict and its effects The Cologne Regional Court has sent a signal with a ruling that was...

Read moreDetails

Discount promotions may not be extended

Discount promotions may not be extended
7. November 2022

Since I have currently just seen the opposite, I would like to briefly point out the following circumstance in the...

Read moreDetails

Semi-fungible tokens (SFTs) in a legal context

Fractionalized Digital Assets and their Position in German and European Regulatory Law
19. March 2024

Introduction: The distinction between SFTs and NFTs As a lawyer specializing in advising clients in the blockchain sector, I am...

Read moreDetails

Vision of contract execution: how smart contracts could shape the future of payments and legal processes

Vision of contract execution: how smart contracts could shape the future of payments and legal processes
19. October 2023

Introduction Technology is rapidly evolving and opening doors to new opportunities in the legal field, a development that always fascinates...

Read moreDetails

Why professional partners value professional contracts

870c815af09a0945cff337ae9850de77
13. August 2024

As a lawyer who advises many young startups and influencer marketing agencies, I often hear the opinion that written contracts...

Read moreDetails

Cookies for advertising purposes only with the active consent of the user

ECJ: Cookies require explicit consent of users
5. June 2020

The BGH has ruled on the question of the requirements for consent to telephone advertising and the storage of cookies...

Read moreDetails
Eigentum an Software – Wem gehört eigentlich der Code?
Copyright

Eigentum an Software – Wem gehört eigentlich der Code?

14. July 2025

Während ich an meinem eigenen WordPress-Plugin code, taucht immer wieder eine Frage auf: Gehört mir diese Software wirklich? Im Alltagsverständnis...

Read moreDetails
Startup ohne Entwickler?

Startup ohne Entwickler?

8. July 2025
Keine stillschweigende AGB-Änderung – Schweigen gilt nicht als Zustimnung

Keine stillschweigende AGB-Änderung – Schweigen gilt nicht als Zustimnung

7. July 2025
So langsam nimmt der Shop Form an

So langsam nimmt der Shop Form an

3. July 2025
Dark Patterns: UX-Tricks im Visier von Gesetzgeber und Gerichten

Dark Patterns: UX-Tricks im Visier von Gesetzgeber und Gerichten

2. July 2025

Podcastfolge

Legal challenges when implementing confidential computing: data protection and encryption in the cloud

Smart Contracts und Blockchain

22. December 2024

In dieser fesselnden Podcast-Episode tauch ich tief in die Welt der Blockchain-Technologie und Smart Contracts ein. Die 25-minütige Folge beleuchtet,...

Read moreDetails
Rechtliche Herausforderungen innovativer Geschäftsmodelle

Rechtliche Herausforderungen innovativer Geschäftsmodelle

26. September 2024
KI im Recht: Chancen, Risiken und Regulierung – der IT Media Law Podcast Episode 3

KI im Recht: Chancen, Risiken und Regulierung – der IT Media Law Podcast Episode 3

28. August 2024
Rechtliche Risiken bei langen Entwicklungszeiten und der Stornierung von Crowdfundingspielen

Rechtliche Risiken bei langen Entwicklungszeiten und der Stornierung von Crowdfundingspielen

20. April 2025
Globale Herausforderungen für Startups – Ein rechtlicher Leitfaden

Globale Herausforderungen für Startups – Ein rechtlicher Leitfaden

2. October 2024

Video

Mein transparente Abrechnung

Mein transparente Abrechnung

10. February 2025

In diesem Video rede ich ein wenig über transparente Abrechnung und wie ich kommuniziere, was es kostet, wenn man mit...

Read moreDetails
Faszination zwischen und Recht und Technologie

Faszination zwischen und Recht und Technologie

10. February 2025
Meine zwei größten Herausforderungen sind?

Meine zwei größten Herausforderungen sind?

10. February 2025
Was mich wirklich freut

Was mich wirklich freut

10. February 2025
Was ich an meinem Job liebe!

Was ich an meinem Job liebe!

10. February 2025
  • Privacy policy
  • Imprint
  • Contact
  • About lawyer Marian Härtel
Marian Härtel, Rathenaustr. 58a, 14612 Falkensee, info@itmedialaw.com

Marian Härtel - Rechtsanwalt für IT-Recht, Medienrecht und Startups, mit einem Fokus auf innovative Geschäftsmodelle, Games, KI und Finanzierungsberatung.

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
  • en English
  • de Deutsch
Kostenlose Kurzberatung