


Fax is not compliant with data protection
Fax is not compliant with data protection Many companies and institutions still use fax to transmit information. This almost always involves personal data: invoices, delivery bills, pay slips, contract documents,...
Data protection in insolvency
Data protection in insolvency Particularly at a time when the economy is being affected by laws and regulations aimed at curbing the spread of the Covid 19 virus, many companies are faced with the issue of insolvency. Even if it's because of the delayed...
Secure WordPress blogs
Wordfence is a useful security measure for WordPress sites. Wordfence is a web application firewall (WAF) that detects and blocks malicious behavior. Among other things, login attempts are blocked and changes in the WordPress...
current DSGVO incidents from the economy
Every month, the data protection supervisory authority imposes fines for violations of the General Data Protection Regulation (GDPR). Enclosed you will find 2 recent examples. 1 - Late notification of a serious data breach Authority: Autoriteit Persoonsgegevens...
Data protection and Corona test for employees in Saxony
The employer is obliged to provide all employees who work on site with a free self-test at least once a week, as long as enough tests are available (§3a para. 1 SächsCoronaSchVO). The pure record who when...
Personal web tracking only with consent
The Federal Commissioner for Data Protection today again points out that websites must obtain consent from their users before tracking begins. This currently happens on very few websites, because many website operators...
Antivirus software the supposed security
Often one hears from IT managers that the main defense against malware is antivirus software in their current IT security strategy. Furthermore, one hears and sees that IT security updates are heavily delayed or not installed at all, because that...
Challenges of the e-mail process / e-mail data protection
E-mail data protection Most e-mails are business letters and are therefore subject to retention periods under commercial law (6 years) which compete with the deletion periods (e.g. if the purpose no longer applies) of data protection. E-mails contain many different...
Common mistakes in the implementation of Art.32 - EU-DSGVO - Security of processing
Security of processing As a data protection controller, you have to comply with various data protection requirements with regard to data security. Often, you have to rely on service providers you trust. This trust...
Articles 13 and 14 GDPR using the example of a debt collection agency
Preface According to Recital 47 and Article 6 of the GDPR, a creditor has a legitimate interest and thus the right to engage a debt collection agency vis-à-vis defaulting debtors. Article 13 of the GDPR states that in the case of direct data collection, the data subject must be...