JONAS BREYER LAW FIRM

»I can provide the full range of services of a data protection officer. The double qualification as a lawyer ensures a high level of advice.«

IT-Unternehmer Dr. Klaus M. (r.) und Jonas Breyer

Dr. Klaus M., CEO of IT Logic GmbH, (r.) and Jonas Breyer

EXTERNAL DATA PROTECTION OFFICER

For many years, I have been working as an FFD-certified external data protection officer for both public and private bodies in all sectors and am registered with the data protection supervisory authorities.

I provide the full range of services of a data protection officer. My dual qualification as a lawyer ensures a high level of advice. You will not be left alone with standard text modules and newsletters.

Are you interested in my expertise? You are welcome to take a look at some of my references and numerous specialist publications to see for yourself.

The range of services includes:

  • Do you have a data protection policy for your organization that ensures, among other things, that data breaches are reported to the supervisory authority within 72 hours if necessary?

  • Do you have meaningful data protection information for customers, employees, applicants and business partners?

  • Have you concluded data processing contracts with your service providers, for example for IT maintenance, your website or payroll accounting?

  • Do you regularly train your employees in the area of data protection?

  • Are your surveillance activities, such as video or email monitoring, within the scope permitted by data protection and labor law?

  • Are your marketing measures, e.g. in the form of advertising, surveys, internet plugins and apps, permissible under data protection law?

  • Do you have an overview of your personal data processing operations, for example in relation to personnel data, website or accounting data?

DOWNLOAD (PDF)

Information brochure (German)

The law firm is at your disposal as your external data protection officer. Please see the following information brochure.

DOWNLOAD (PDF)

When are you obliged to appoint a data protection officer?

You need a data protection officer in Germany if at least one of the following variants applies:

  • As a rule, they employ at least 20 people on a permanent basis for the automated processing of personal data. This includes, for example, writing e-mails.

  • You operate as a public body (regardless of the number of employees). This includes, for example, public authorities or notaries.

  • Your core activity requires systematic monitoring of natural persons. Typical cases are online tracking providers, many AI processors, credit agencies or detective agencies.

  • Your core activity lies in the „extensive“ processing of so-called special categories of personal data. This includes data on racial and ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data or data concerning the sex life or sexual orientation of natural persons. This applies, for example, to larger medical practices or pharmacies (health data).

  • Your core activity is the „extensive“ processing of data on criminal convictions or offenses. Examples include corruption registers or the Federal Central Criminal Register.

What does the GDPR require of you as a data processor?

The General Data Protection Regulation (GDPR) has governed the processing of personal data in both companies and public bodies since May 2018.

As a result, data protection law has become highly complex. Even negligent violations are not only subject to warnings under certain circumstances, but are also punishable by obligations to self-disclose and notify the persons concerned as well as by imprisonment or fines of up to 20 million euros.

Certain companies and public bodies (see above) must also appoint at least one data protection officer with special expertise and report this to the supervisory authority.

Internal data protection officers generally acquire protection against dismissal. However, most data protection obligations apply regardless of whether a data protection officer is required.

Do you want to protect yourself? Do you want to turn data protection into a competitive advantage?

Seek advice from an experienced lawyer or appoint one as your external data protection officer!

I have been involved in data protection law for over 15 years, publishing and lecturing in this field and have represented clients in data protection proceedings up to the Federal Constitutional Court.

„Mr. Breyer advised me as a data protection officer with individual tailoring to my law firm, instead of just leaving me with the usual standard templates and newsletters in front of the GDPR mountain. Today, I am in an exemplary position and an official audit revealed no objections.“

Dr. Jenny Sträter, Notary (ret.) and specialist lawyer