On 25 May 2018, the provisions of German data protection law previously applicable to companies were replaced by the directly applicable European Data Protection Basic Regulation (DSGVO). The Federal Data Protection Act (BDSG) was largely revised. Since then, every company has had to comply with both the DSGVO and the BDSG. Against the background of the advancing digitalisation, compliance with data protection regulations is not only a legal obligation, but also goes hand in hand with the fulfilment of an increased need on the part of customers and business partners for responsible handling of their sensitive data.
Whether a company has to appoint a data protection officer depends on the number of employees. If this number is less than 10, the appointment is not necessary; in this case, the owner or managing director is solely responsible for compliance with all regulations and specifications of the DSGVO and the BDSG. If 10 or more employees are employed in the company, the appointment of an internal or external data protection officer is mandatory.
The appointment of an external data protection officer has several advantages over the appointment of an internal data protection officer: the high costs of data protection training for an employee are eliminated, the special right of termination enjoyed by an employee as data protection officer is avoided, and the risk of the trained internal data protection officer leaving the company can be avoided. With us as an external data protection officer according to the DSC standard, you have a professional at hand right from the start who has the appropriate know-how, can take an objective look at your company and save you time and money, so that you can concentrate fully on your core competencies.
BPS Services UG advises companies of all sizes in general business and organisational areas on the subject of data protection and data security. The consulting comprises the following core tasks:
- Explanation of the proper notification of interested parties
- Monitoring of compliance with the DSGVO, the new BDSG and other data protection regulations and the allocation of responsibilities
- Awareness raising and training
- Advice and monitoring in connection with the data protection impact assessment
- Cooperation with the supervisory authority
- Activity as a contact point for the supervisory authority annual privacy audit
We will be happy to advise you by telephone or e-mail and put together a service package tailored to your needs. For non-binding enquiries you can also contact us via our contact form.