2B Advice
TEL: +1 (858) 366-9750
Data Privacy

Data Privacy Laws and Regulations

Latests Posts About Data Privacy

Subject Access Request Automation Subject Access Request Automation

Individuals have the right to access their personal data, commonly referred to as subject access. But can this process be automated?

How to Become A Certified Data Protection Officer? How to Become A Certified Data Protection Officer?

It is required by law to appoint a data protection officer in your company. Read all you need to know for your organization.

Zoom Data Privacy Zoom Data Privacy

Which data privacy guidelines do you actually have to observe when using the Zoom software? Is your company Zoom compliant?

Anonymization and Pseudonymization Anonymization and Pseudonymization

We would like to briefly show you the differences between anonymized and pseudonymized data, and explain why you should deal with this topic

Schrems II Decision: Impact on Cloud Migration & More Schrems II Decision: Impact on Cloud Migration & More

When are the digital business operations into the cloud, companies must take into account the relevant applicable data privacy rules.

What Is Data Minimization? Principles of Data Minimization for GDPR What Is Data Minimization? Principles of Data Minimization for GDPR

The aim of this article is to give you a clear understanding of the data minimization principle and practical advice on how to implement it.

Standard Contractual Clauses Guideline 2021 Standard Contractual Clauses Guideline 2021

The ultimate guideline for EU Standard Contractual Clauses (SCC), also known as the EU Commission’s Standard Data Protection Clauses.

What Is Information Governance? What Is Information Governance?

How to implement effective information governance over a company’s high value information as strategic asset.

2B Advice achieves ISO/IEC 27001:2013 Certification 2B Advice achieves ISO/IEC 27001:2013 Certification

2B Advice customers trust us with their data and we strive to ensure our solutions are in line with international privacy and information security standards.

What Is Article 30 of the GDPR? What Is Article 30 of the GDPR?

Learn about Article 30 of the GDPR and how processing activities are affected in the EU. Contact 2B Advice for a consultation today.

Telemedicine Certification Requirements in Germany Telemedicine Certification Requirements in Germany

Telemedicine Certification: Digitization of medical care through virtual home visits calls for attention to privacy and security

When Is a Data Protection Officer Required? When Is a Data Protection Officer Required?

Companies are required to appoint a Data Protection Officer. The question is which companies are affected? When do you need to do this?

Newest Social Media Posts

2B Advice

2BAdvice Retweeted
@privacypros Twitter is under investigation by the FTC for allegedly misusing user data, which it said could lead to a fine in the range of $150 million to $250 million https://bloomberg.com/news/articles/2020-08-03/twitter-under-ftc-investigation-for-alleged-misuse-of-user-data via @technology

Questions? Contact Us Today! SEND MESSAGE or call +1 (858) 366 9750

Blog Categories

With the BDSG, Germany has taken on a frontline role in data protection, and this became the foundation of today's GDPR.

The history of German data protection begins with the first State Data Protection Act of Hesse. This was passed in 1970 to protect citizens from the impairment of their privacy through illegal collection, storage, transfer and processing of data. Afterwards as early as 1995, European directives for the protection of natural persons with regard to the processing of personal data and the free movement of such data were passed, which had to be transposed into national law.

Since the 1990s, data protection law has had to adapt to digital data storage and global networks, and the Federal Republic of Germany necessarily began implementing the BDSG in 2001. After this implementation, alterations and enhancements were quickly added. These included the Data Protection Directive for Electronic Communication in 2002 and the amendment of the Telecommunications Act in 2004.

The European Parliament then proposed the basic data protection regulation at the beginning of 2014.Two years later, it came into force on May 25, 2016, and is valid in all European member states after a 2-year transition period since may 2018.

Two years later, it came into force on May 25, 2016, and after a 2-year transition period, it is valid in all European member states since May 2018.

Thus, the current Data Belt Ordinance (DSGVO), which came into force in 2018, shows companies how they must handle personal data, and is still being worked out today.



Data protection law of the persons concerned


One of the provisions of the DSGVO is the lawful processing of personal data. The Data Protection Act DSGVO has many rules, more than any other country to protect its citizens and their data.

The following are data protection rights of those concerned:

  • Data protection right to information (Art. 15 DSGVO)
    About processed data, where they were collected, where they are sent, etc. Be informed in accordance with data protection laws.
  • Right of rectification (art. 16 DSGVO)
    Incorrect data must be corrected at the request of the data subject.
  • Data protection right to deletion (Art. 17 DSGVO)
    The person concerned may request that the data collected be deleted. Especially if the processing of the data is no longer necessary. This data is required if a tax retention obligation applies.
  • Right to limitation (Art. 18 DSGVO)
    If data are required or non-erasable, the responsible person should restrict these data.
  • Data protection right of opposition (Art. 21 DSGVO)
    The data subject is allowed to object to the processing of his personal data. Especially if information is used for direct marketing purposes. With the exception of important reasons on the part of the data controller or if these data are used to establish a legal claim.
  • Right to data transferability (Art. 20 DSGVO)
    Everyone has the right to have his personal data made available by a responsible person, which the person concerned can in turn make available to others without hindrance.
  • Data protection right to not exclusively automated decisions (Art. 22 DSGVO)
    Interested parties have the right to request that decisions which affect them are not exclusively automated.
  • Data protection right to appeal to a supervisory authority (Art. 77 DSGVO)
    According to the Data Protection Act, the data subject is entitled to contact a supervisory authority directly if there is any suspicion of inappropriate data processing.
  • Right to consult the Data Protection Commissioner (Art. 38 DSGVO)
    Data subjects are permitted to consult the data protection officer of the controller with questions in accordance with the DSGVO and concerning the processing of their personal data.

These rules, and more apply to protect the data of citizens of the European Union under the DPA above all, and are often the most difficult for a company to comply with within the 30-day period. If the specified deadline is not met, or if the above rights are violated, a fine is imposed under the DSGVO for violation of the DSGVO. One of the first cases in Germany, the company Deutsche Wohnen SE, was fined over 14 million euros for storing data in an unerasable archive system without having checked whether the storage of the data was permissible or even necessary. This is one of the many examples of why one should administer a proper system and consult data protection experts in order to keep the collected data organized according to DSGVO regulations.



2B Advice LLC
7220 Avenida Encinas #208
Carlsbad, California, USA

Tel: +1 (858) 366 9750

Please enter the text you see below:

Another Image
Thanks for contacting us! One of our representatives will be in contact with you shortly regarding your inquiry.