IT companies work with us every day personal data, because they offer SaaS solutions, for example, with which they Access to Personal Data of companies get. These include, among others
Here, the mere inspection of the data counts as processing, which can almost never be ruled out. This processing falls under the GDPR, which is why they have to be protected with special contractual regulations.
IT companies in particular have to pay close attention to the correct legal implementation of the GDPR, as the main part of their business model is digitized and / or takes place online. Accordingly, a data protection declaration corresponding to the current legal situation must be found on the website.
IT consulting companies often count as processors under Article 4 of the GDPR. In this case, customers must Order processing contract (AVV) conclude with the company in which there are certain regulations on the handling of personal data.
Among other things, when creating these contracts, but also with technical and organizational measures (TOMs) etc. can a external data protection officer be very helpful. This not only keeps an overview of all data protection matters, but also provides information about current changes and is always available to answer questions.
Choose heyData and benefit from your personal and professional contact person who ensures data protection compliance at all levels and at the highest level.
The basic idea of data protection is that modern data processing endangers the free development of the personality of each individual. The assumption is that those who do not know or cannot control what information is being stored and retained about him or her adjust their behavior out of caution. Data protection therefore protects individuals from the state or a company collecting or storing their personal data without authorisation. The General Data Protection Regulation (GDPR) of 2018 sets strict limits on the processing of personal data. It is important that companies follow these guidelines, otherwise there is a risk of fines, warnings and competitive disadvantages.
On our How it works page you can find out why data protection is relevant for your company and how we at heyData support you. In our FAQs, our data protection basics and in our magazine you will also get an overview of the complex topic of data protection. Our white papers also provide an insight into the important basics of data protection aspects. Finally, we regularly offer free webinars on data protection. These give you the opportunity to educate yourself on exciting topics and to ask an expert questions.
Internally, it is an important task of a data protection officer in accordance with Art. 39 Para. 1 GDPR to point out that data protection regulations are observed. However, this is not an end in itself, but rather protects your company from expensive fines. 17 supervisory authorities monitor compliance with data protection regulations on the state side. If there are violations, your company can be punished with fines of up to 20 million euros or 4% of the turnover. In addition, warnings are threatened.
The Data Protection Act regulates all relevant provisions that affect personal data processing in the company. Every company that operates in the EU is obliged to comply with data protection regulations. Management is responsible for this.
The most important obligations of companies in the data protection area are: