GDPR violation Archives

Article by Marcus Belke

Getting data protection out of the email trap

In many companies, data protection seems to function smoothly. However, a closer look reveals that the majority of these processes are organized via email. Precisely

April 1, 2026

Data protection in Germany

Proof of effective consent for direct marketing

The requirements for proof of effective consent for direct marketing are increasingly becoming the focus of data protection supervisory authorities. What is important now and what requirements you

March 31, 2026

ECJ on misuse of requests for information

Data protection in Europe

When is a request for information excessive? ECJ names specific test points

According to the ECJ, an initial request for information can also be „excessive“ within the meaning of Art. 12 (5) GDPR if the controller proves that the request is not

March 19, 2026

Reporting process in the event of a data breach

Article by Marcus Belke

Report a data breach correctly: Reporting process according to GDPR with deadlines, evaluation and documentation

Data breaches are now one of the most common compliance incidents in organizations. Incidents have to be assessed, reporting obligations checked, measures documented and communication decisions made within a short space of time. We provide

March 17, 2026

Google becomes the processor for reCAPTCHA.

Compliance

reCAPTCHA and GDPR: Google becomes a processor - what website operators need to know now

Google will reclassify its role in the use of reCAPTCHA under data protection law and will no longer act as a controller but as a processor from April 2026. What this means

March 12, 2026

Article by Marcus Belke

Audit preparation in data protection

Good audit preparation requires clear responsibilities, structured evidence and transparent processes. Find out how auditors think, what weaknesses frequently occur in data protection audits and how you can

March 5, 2026

In the event of a data leak at the processor, the controller is liable.

Article by Aristotelis Zervos

Failure to monitor processors: BGH extends liability of the controller

A recent ruling by the Federal Court of Justice (BGH) provides clarity regarding non-material damages pursuant to Art. 82 GDPR in the event of a data leak at a former processor.

January 14, 2026

Compliance with transparency and information requirements will be the focus of GDPR audits in 2026.

Article by Aristotelis Zervos

GDPR audit priorities for 2026: Transparency and information obligations in the focus of the authorities

The European Data Protection Board's coordinated enforcement action 2026 focuses on the transparency and information obligations under Articles 12, 13, and 14 of the GDPR. What this means in concrete terms for

January 5, 2026

How companies can use proctoring in a legally compliant manner.

Article by Aristotelis Zervos

Proctoring in the application process: Admissibility under data protection law according to the GDPR

Is proctoring in the application process compliant with data protection regulations? Find out which GDPR requirements apply and how companies can use proctoring in a legally compliant manner.

December 18, 2025

Article by Aristotelis Zervos

ECJ: Newsletters possible without consent – these are the conditions

In its judgment C‑654/23, the European Court of Justice (ECJ) provides clear guidelines on the interpretation of the term „direct marketing“ within the meaning of the ePrivacy Directive and on the relationship between the

November 21, 2025

Article & News

Tag: DSGVO-Verstoß