Industry 4.0, Business 4.0, big data, car data, internet of things (IoT), cloud computing, smart home, smart car or e-health: personal data and the way it is being used is becoming an increasingly important part of existing or completely new business areas. At the same time, as digitalisation advances, there is always a situation of potential conflict between economic innovation and the protection of personal data. Compliance with and the violation of data protection laws are thus increasingly becoming the focus of public attention. This means that companies need to find their way around the conflict between their business interests and the legal requirements by ensuring their data protection is very well organised. Luther’s pragmatic and solution-oriented team that specialises in data protection law can help clients ensure that this succeeds as best as possible.

The processing of personal data is highly regulated. In addition to the EU General Data Protection Regulation (GDPR) and the new German Federal Data Protection Act (BDSG-neu), which has been amended to accord with EU law, sector-specific laws such as the German Telecommunications Act (TKG) or the German Act Against Unfair Competition (UWG) regulate how personal data is handled. Compliance and liability risks must be considered and safeguarded with regard to the exploitation of personal data, which offers attractive business opportunities for companies. The public sector, too, must take into account the special data protection requirements within the framework of the German Federal Data Protection Act.

Together with the client, Luther develops the best industry-focused data protection solution, tailored to the client’s individual corporate needs, on the basis of the current legislation, jurisprudence and the announcements made by the data protection supervisory authorities. This strategy is constantly being updated and is already taking into consideration the consequences of possible future developments.

Luther works with its clients to implement the requirements for complying with data protection law and develop processes to ensure such compliance is maintained in the long term. In particular, we verify compliance with the requirements under data protection law regarding the security of data transfers, taking into account current case law and developments in EU legislation, such as the ECJ’s Schrems II judgment or the new standard contractual clauses.

When implementing data protection management systems or new technologies, such as the digital twin or autonomous driving, we can support our clients based on our many years of experience.