General Data Protection Regulation GDPR - Guidelines & Obligations

Article by Marcus Belke

Getting data protection out of the email trap

In many companies, data protection seems to function smoothly. However, a closer look reveals that the majority of these processes are organized via email. Precisely

April 1, 2026

Data protection in Germany

Proof of effective consent for direct marketing

The requirements for proof of effective consent for direct marketing are increasingly becoming the focus of data protection supervisory authorities. What is important now and what requirements you

March 31, 2026

2B Advice News

Using VVT as a control instrument for management

The processing directory (VVT) acts as a database and supports decision-making processes. This article shows how companies can move away from a purely documentation-based perspective and integrate the VVT into a

March 24, 2026

ECJ on misuse of requests for information

Data protection in Europe

When is a request for information excessive? ECJ names specific test points

According to the ECJ, an initial request for information can also be „excessive“ within the meaning of Art. 12 (5) GDPR if the controller proves that the request is not

March 19, 2026

The internal data protection officer has special protection against dismissal

Article by Marcus Belke

Special protection against dismissal for the internal data protection officer

In Germany, the internal data protection officer enjoys far-reaching special protection against dismissal. Anyone who appoints an employee as data protection officer is therefore making a decision with long-term consequences. What this means for

March 10, 2026

Article by Marcus Belke

Audit preparation in data protection

Good audit preparation requires clear responsibilities, structured evidence and transparent processes. Find out how auditors think, what weaknesses frequently occur in data protection audits and how you can

March 5, 2026

Third-Party Risk Management (TPRM) is a central element of modern corporate management in order to comply with legal requirements.

Article by Aristotelis Zervos

Third-party risk management: How to keep service providers under control

Third-party risk management (TPRM) is a central element of modern corporate management. It creates the basis for complying with legal requirements, reducing liability risks and gaining the trust of third parties.

August 8, 2025

In the event of continued illness, the obligation to continue to pay wages does not apply if the new illness is related to the previous one.

Article by Marcus Belke

Health data in the event of continued illness as a data protection challenge

The data protection assessment of health data in the employment relationship is one of the most sensitive aspects of compliance practice. A current occasion for in-depth discussion is the publication of the

August 7, 2025

Perform threshold value analysis in 5 steps

Article by Aristotelis Zervos

What is a GDPR threshold analysis and when is it mandatory?

When should a threshold value analysis be carried out, how does it work and how can it be reliably assessed whether there is an "expected high risk"? This article provides practical answers

July 9, 2025

A systematically established compliance management system serves to identify and implement these requirements and ensure that they are adhered to on a permanent basis.

Ailance

Compliance management in the company: Importance, structure and success factors

Compliance is of central importance for companies, as it not only ensures legal certainty, but also forms the basis for ethical and sustainable business practices. A systematic

May 5, 2025

Article & News

Tag: Datenschutz-Grundverordnung DSGVO