Two-factor authentication hacked
Two-factor authentication (also known as 2FA) is used for additional security when logging in, which is otherwise usually only secured with a password and user name. In some cases, multi-factor authentication (MFA) is also used for this purpose. With some of these...
Driver's license: control by the employer compliant with data protection?
In companies with a fleet of vehicles or in industries where business trips are the order of the day, employers regularly check their employees' driver's licenses. How this control can be designed in accordance with data protection and when it is necessary at all....
Photo transfer and data protection
More and more banks are offering the so-called photo transfer service. Here, the account holder can take a photo of a bill he wants to pay with his smartphone. This bill is then paid immediately via the corresponding banking app. Quickly...
"Pre-employment screening": data protection in the personnel selection process
When a company needs to fill a new position, personnel managers try to fill it in the best possible way with the help of a personnel selection process. It is not uncommon for them to do their own research in order to obtain more information about the applicant or...
Person responsible: Also managing director of a limited liability company in addition to the company
In its ruling of November 30, 2021 (case number 4 U 1158/21), the Dresden Higher Regional Court ordered a company and its managing director jointly and severally to pay damages under the GDPR. The court also regarded the managing director as...
Damages in case of disclosure of dynamic IP address when using Google Fonts
In its ruling of January 20, 2022, the Regional Court of Munich decided that the disclosure of the dynamic IP address to Google when using Google Fonts without the consent of the person concerned gives rise to a claim for damages (in the present case in the amount of €100)....
EDSA on the right of access according to Art. 15 DSGVO
The right to information under Article 15 of the GDPR is one of the rights of the data subject under the GDPR. How far this right should ultimately extend in practice is legally considered controversial. Now, the European Data Protection Committee (EDSA; also "European Data Protection...
The 5 most common corporate data breaches
A wide variety of companies regularly report data privacy violations to the data protection authorities. For the companies concerned, this usually means high financial and reputational consequences. That is why they attach great importance to precautionary measures. Besides...
Recording telephone calls - compliant with data protection?
Many companies regularly draw valuable information from communication with customers. It is not uncommon for this information to be obtained via telephone calls. In order to secure this information, it makes sense, for example, to record telephone calls. But is this...
Tesla as company car not compliant with data protection?
Vehicles from the manufacturer Tesla are becoming increasingly popular, especially in the e-mobility scene. So it's no wonder that the idea of using Tesla vehicles as company vehicles is quickly being considered. In data protection law, this primarily involves...
English 
Deutsch 
Español 
Français 
Polski