2B Advice
TEL: +49 (228) 926165100
Data Privacy

Data Privacy Laws and Regulations

Latests Posts About Data Privacy

The Action Plan of the French CNIL for Regulating AI Systems The Action Plan of the French CNIL for Regulating AI Systems

The CNIL has released an action plan for privacy-respecting deployment of AI systems in light of recent developments in the field.

New Use Cases Covered By 2B Advice PrIME New Use Cases Covered By 2B Advice PrIME

2B Advice PrIME is pleased to announce several updates to its Privacy Management solution.

Happy 20th anniversary to 2B Advice! Happy 20th anniversary to 2B Advice!

Today marks 20 years since Marcus Belke and Hajo Bickenbach started this amazing company on January 13th, 2003.

Special delivery to Ukraine Special delivery to Ukraine

2B Advice team members spend an afternoon preparing supply packages to be donated to Ukraine via DHL's free shipping.

A good summary of the draft adequacy decision A good summary of the draft adequacy decision

The EU Commission has published the long-awaited draft adequacy decision for data transfers from the EU to the US after analyzing US law and practice.

10th Enterprise User Meeting of 2B Advice was a complete success! 10th Enterprise User Meeting of 2B Advice was a complete success!

2B Advice invited to a personal group user meeting of the data protection management solution 2B Advice PrIME for the first time in three years on October 13, 2022.

New EuroPriSe Experts New EuroPriSe Experts

2B Advice proudly announces that 15 experienced legal and technical privacy professionals have been admitted as EuroPriSe Experts recently.

Children's Data Protection Children's Data Protection

California is safeguarding children's online information from exploitation by corporations by introducing the Age Appropriate Design Code Act requesting a Privacy Impact Assessment.

Information Needed For Companies for the Whistleblower Directive Information Needed For Companies for the Whistleblower Directive

Initially, the EU Whistleblower Directive was supposed to be effective by December 17, 2021. However, the legislative process failed.

Right of Access by the Data Subject Right of Access by the Data Subject

The right of access, enshrined in Art. 15 of the GDPR, gives data subjects the right to obtain from the controller.

Subject Access Request Automation Subject Access Request Automation

Individuals have the right to access their personal data, commonly referred to as subject access. But can this process be automated?

How to Become A Certified Data Protection Officer? How to Become A Certified Data Protection Officer?

It is required by law to appoint a data protection officer in your company. Read all you need to know for your organization.

Newest Social Media Posts

2B Advice

2BAdvice Retweeted
@privacypros Twitter is under investigation by the FTC for allegedly misusing user data, which it said could lead to a fine in the range of $150 million to $250 million https://bloomberg.com/news/articles/2020-08-03/twitter-under-ftc-investigation-for-alleged-misuse-of-user-data via @technology

Questions? Contact Us Today! SEND MESSAGE or call +1 (858) 366 9750

Blog Categories

With the BDSG, Germany has taken on a frontline role in data protection, and this became the foundation of today's GDPR.

The history of German data protection begins with the first State Data Protection Act of Hesse. This was passed in 1970 to protect citizens from the impairment of their privacy through illegal collection, storage, transfer and processing of data. Afterwards as early as 1995, European directives for the protection of natural persons with regard to the processing of personal data and the free movement of such data were passed, which had to be transposed into national law.

Since the 1990s, data protection law has had to adapt to digital data storage and global networks, and the Federal Republic of Germany necessarily began implementing the BDSG in 2001. After this implementation, alterations and enhancements were quickly added. These included the Data Protection Directive for Electronic Communication in 2002 and the amendment of the Telecommunications Act in 2004.

The European Parliament then proposed the basic data protection regulation at the beginning of 2014.Two years later, it came into force on May 25, 2016, and is valid in all European member states after a 2-year transition period since may 2018.

Two years later, it came into force on May 25, 2016, and after a 2-year transition period, it is valid in all European member states since May 2018.

Thus, the current Data Belt Ordinance (DSGVO), which came into force in 2018, shows companies how they must handle personal data, and is still being worked out today.



Data protection law of the persons concerned


One of the provisions of the DSGVO is the lawful processing of personal data. The Data Protection Act DSGVO has many rules, more than any other country to protect its citizens and their data.

The following are data protection rights of those concerned:

  • Data protection right to information (Art. 15 DSGVO)
    About processed data, where they were collected, where they are sent, etc. Be informed in accordance with data protection laws.
  • Right of rectification (art. 16 DSGVO)
    Incorrect data must be corrected at the request of the data subject.
  • Data protection right to deletion (Art. 17 DSGVO)
    The person concerned may request that the data collected be deleted. Especially if the processing of the data is no longer necessary. This data is required if a tax retention obligation applies.
  • Right to limitation (Art. 18 DSGVO)
    If data are required or non-erasable, the responsible person should restrict these data.
  • Data protection right of opposition (Art. 21 DSGVO)
    The data subject is allowed to object to the processing of his personal data. Especially if information is used for direct marketing purposes. With the exception of important reasons on the part of the data controller or if these data are used to establish a legal claim.
  • Right to data transferability (Art. 20 DSGVO)
    Everyone has the right to have his personal data made available by a responsible person, which the person concerned can in turn make available to others without hindrance.
  • Data protection right to not exclusively automated decisions (Art. 22 DSGVO)
    Interested parties have the right to request that decisions which affect them are not exclusively automated.
  • Data protection right to appeal to a supervisory authority (Art. 77 DSGVO)
    According to the Data Protection Act, the data subject is entitled to contact a supervisory authority directly if there is any suspicion of inappropriate data processing.
  • Right to consult the Data Protection Commissioner (Art. 38 DSGVO)
    Data subjects are permitted to consult the data protection officer of the controller with questions in accordance with the DSGVO and concerning the processing of their personal data.

These rules, and more apply to protect the data of citizens of the European Union under the DPA above all, and are often the most difficult for a company to comply with within the 30-day period. If the specified deadline is not met, or if the above rights are violated, a fine is imposed under the DSGVO for violation of the DSGVO. One of the first cases in Germany, the company Deutsche Wohnen SE, was fined over 14 million euros for storing data in an unerasable archive system without having checked whether the storage of the data was permissible or even necessary. This is one of the many examples of why one should administer a proper system and consult data protection experts in order to keep the collected data organized according to DSGVO regulations.



2B Advice LLC
7220 Avenida Encinas #208
Carlsbad, California, USA

Tel: +1 (858) 366 9750

Please enter the text you see below:

Another Image
Thanks for contacting us! One of our representatives will be in contact with you shortly regarding your inquiry.