In particular, smaller companies often have an internal data protection officer who is overstrained with the legal or technical aspects of their tasks. Especially with complex contractual arrangements, the wording of declarations and guidelines, the assessment of specific security gaps or the necessary training of employees, support from an attorney or IT specialist is often required.
When implementing privacy provisions, it is important to orientate yourself on the existing structures. No controller – whether company or public authority – is equal. Therefore, it is not possible to implement all requirements overnight and, in particular, to create the mandatory documentation on the basis of templates. An individual analysis of the actual circumstances is always necessary, which in the end results in difficulties in the area of privacy.
Regardless of whether the competent supervisory authority announces an audit, a certification is pending or a specific privacy issue arises – with their experience for years in advising companies of various industries, the consultants at MORGENSTERN will support you to solve complicated legal issues and deal with authorities and certification bodies.