2B Advice
TEL: +49 (228) 926165100
Data Privacy

Data Privacy Laws and Regulations

Latests Posts About Data Privacy

Navigating GDPR Consent Guidelines Navigating GDPR Consent Guidelines

This blog delves into the intricate requirements of GDPR consent, guided by the European Data Protection Board's (EDPB) clarifications and the amendments to the initial guidelines set by the Article 29 Working Party.

The Evolving US Privacy Landscape The Evolving US Privacy Landscape

This blog will delve into the nuances of New Jersey's Senate Bill 332 and New Hampshire's Senate Bill 255, exploring their key features and the potential impacts on privacy norms.

EU Commission Upholds Data Flow to 11 Countries EU Commission Upholds Data Flow to 11 Countries

The European Commission's recent confirmation of the continuity of data flows to 11 third countries and territories marks a significant milestone in international data protection.

Navigating the Murky Waters of Misused Privacy Rights: A Guide for Our Clients Navigating the Murky Waters of Misused Privacy Rights: A Guide for Our Clients

Discover a case of data protection rights misuse as a rejected job applicant seeks compensation. Insights from the LAG Schleswig-Holstein ruling (Urt. v. 21.2.2023 – 1 Sa 148/22).

Navigating New Terrain in Data Protection Navigating New Terrain in Data Protection

The ECJ's pivotal rulings (C-340/21 & C-456/22) redefine GDPR's scope, emphasizing liability, security assessments, and non-material damage.

Automated credit scoring in Europe Automated credit scoring in Europe

The CJEU issued a ruling with significant implications for credit scoring companies operating under the GDPR

New Adequacy Decision for Secure EU-US Data Flows New Adequacy Decision for Secure EU-US Data Flows

Data Privacy: EU Commission Adopts New Adequacy Decision for Secure EU-US Data Flows

The Action Plan of the French CNIL for Regulating AI Systems The Action Plan of the French CNIL for Regulating AI Systems

The CNIL has released an action plan for privacy-respecting deployment of AI systems in light of recent developments in the field.

New Use Cases Covered By 2B Advice PrIME New Use Cases Covered By 2B Advice PrIME

2B Advice PrIME is pleased to announce several updates to its Privacy Management solution.

Happy 20th anniversary to 2B Advice! Happy 20th anniversary to 2B Advice!

Today marks 20 years since Marcus Belke and Hajo Bickenbach started this amazing company on January 13th, 2003.

Special delivery to Ukraine Special delivery to Ukraine

2B Advice team members spend an afternoon preparing supply packages to be donated to Ukraine via DHL's free shipping.

A good summary of the draft adequacy decision A good summary of the draft adequacy decision

The EU Commission has published the long-awaited draft adequacy decision for data transfers from the EU to the US after analyzing US law and practice.

Newest Social Media Posts

2B Advice

2BAdvice Retweeted
@privacypros Twitter is under investigation by the FTC for allegedly misusing user data, which it said could lead to a fine in the range of $150 million to $250 million https://bloomberg.com/news/articles/2020-08-03/twitter-under-ftc-investigation-for-alleged-misuse-of-user-data via @technology

Questions? Contact Us Today! SEND MESSAGE or call +1 (858) 366 9750

Blog Categories

With the BDSG, Germany has taken on a frontline role in data protection, and this became the foundation of today's GDPR.

The history of German data protection begins with the first State Data Protection Act of Hesse. This was passed in 1970 to protect citizens from the impairment of their privacy through illegal collection, storage, transfer and processing of data. Afterwards as early as 1995, European directives for the protection of natural persons with regard to the processing of personal data and the free movement of such data were passed, which had to be transposed into national law.

Since the 1990s, data protection law has had to adapt to digital data storage and global networks, and the Federal Republic of Germany necessarily began implementing the BDSG in 2001. After this implementation, alterations and enhancements were quickly added. These included the Data Protection Directive for Electronic Communication in 2002 and the amendment of the Telecommunications Act in 2004.

The European Parliament then proposed the basic data protection regulation at the beginning of 2014.Two years later, it came into force on May 25, 2016, and is valid in all European member states after a 2-year transition period since may 2018.

Two years later, it came into force on May 25, 2016, and after a 2-year transition period, it is valid in all European member states since May 2018.

Thus, the current Data Belt Ordinance (DSGVO), which came into force in 2018, shows companies how they must handle personal data, and is still being worked out today.



Data protection law of the persons concerned


One of the provisions of the DSGVO is the lawful processing of personal data. The Data Protection Act DSGVO has many rules, more than any other country to protect its citizens and their data.

The following are data protection rights of those concerned:

  • Data protection right to information (Art. 15 DSGVO)
    About processed data, where they were collected, where they are sent, etc. Be informed in accordance with data protection laws.
  • Right of rectification (art. 16 DSGVO)
    Incorrect data must be corrected at the request of the data subject.
  • Data protection right to deletion (Art. 17 DSGVO)
    The person concerned may request that the data collected be deleted. Especially if the processing of the data is no longer necessary. This data is required if a tax retention obligation applies.
  • Right to limitation (Art. 18 DSGVO)
    If data are required or non-erasable, the responsible person should restrict these data.
  • Data protection right of opposition (Art. 21 DSGVO)
    The data subject is allowed to object to the processing of his personal data. Especially if information is used for direct marketing purposes. With the exception of important reasons on the part of the data controller or if these data are used to establish a legal claim.
  • Right to data transferability (Art. 20 DSGVO)
    Everyone has the right to have his personal data made available by a responsible person, which the person concerned can in turn make available to others without hindrance.
  • Data protection right to not exclusively automated decisions (Art. 22 DSGVO)
    Interested parties have the right to request that decisions which affect them are not exclusively automated.
  • Data protection right to appeal to a supervisory authority (Art. 77 DSGVO)
    According to the Data Protection Act, the data subject is entitled to contact a supervisory authority directly if there is any suspicion of inappropriate data processing.
  • Right to consult the Data Protection Commissioner (Art. 38 DSGVO)
    Data subjects are permitted to consult the data protection officer of the controller with questions in accordance with the DSGVO and concerning the processing of their personal data.

These rules, and more apply to protect the data of citizens of the European Union under the DPA above all, and are often the most difficult for a company to comply with within the 30-day period. If the specified deadline is not met, or if the above rights are violated, a fine is imposed under the DSGVO for violation of the DSGVO. One of the first cases in Germany, the company Deutsche Wohnen SE, was fined over 14 million euros for storing data in an unerasable archive system without having checked whether the storage of the data was permissible or even necessary. This is one of the many examples of why one should administer a proper system and consult data protection experts in order to keep the collected data organized according to DSGVO regulations.



2B Advice LLC
7220 Avenida Encinas #208
Carlsbad, California, USA

Tel: +1 (858) 366 9750

Please enter the text you see below:

Another Image
Thanks for contacting us! One of our representatives will be in contact with you shortly regarding your inquiry.