


Photo transfer and data protection
More and more banks are offering the so-called photo transfer service. Here, the account holder can take a photo of a bill he wants to pay with his smartphone. This bill is then paid immediately via the corresponding banking app. Quickly...
"Pre-employment screening": data protection in the personnel selection process
When a company needs to fill a new position, personnel managers try to fill it in the best possible way with the help of a personnel selection process. It is not uncommon for them to do their own research in order to obtain more information about the applicant or...
Person responsible: Also managing director of a limited liability company in addition to the company
In its ruling of November 30, 2021 (case number 4 U 1158/21), the Dresden Higher Regional Court ordered a company and its managing director jointly and severally to pay damages under the GDPR. The court also regarded the managing director as...
Damages in case of disclosure of dynamic IP address when using Google Fonts
In its ruling of January 20, 2022, the Regional Court of Munich decided that the disclosure of the dynamic IP address to Google when using Google Fonts without the consent of the person concerned gives rise to a claim for damages (in the present case in the amount of €100)....
EDSA on the right of access according to Art. 15 DSGVO
The right to information under Article 15 of the GDPR is one of the rights of the data subject under the GDPR. How far this right should ultimately extend in practice is legally considered controversial. Now, the European Data Protection Committee (EDSA; also "European Data Protection...
The 5 most common corporate data breaches
A wide variety of companies regularly report data privacy violations to the data protection authorities. For the companies concerned, this usually means high financial and reputational consequences. That is why they attach great importance to precautionary measures. Besides...
Recording telephone calls - compliant with data protection?
Many companies regularly draw valuable information from communication with customers. It is not uncommon for this information to be obtained via telephone calls. In order to secure this information, it makes sense, for example, to record telephone calls. But is this...
Tesla as company car not compliant with data protection?
Vehicles from the manufacturer Tesla are becoming increasingly popular, especially in the e-mobility scene. So it's no wonder that the idea of using Tesla vehicles as company vehicles is quickly being considered. In data protection law, this primarily involves...
Log4j vulnerability - What to do?
It has recently become known that the software library called Log4j has a security vulnerability. This can be exploited very easily to take over entire IT systems or to tap data. Many cybercriminals are now exploiting this, while IT professionals...
Log4j/Log4Shell Demo / Hacker Attack Demonstration
*Foreword* The video is about web applications as one of the many examples of the Log4j vulnerability, but the vulnerability potentially affects any software that uses Log4j. In the Log4j lists (see links below) of products and vendors read...