Data protection requirements
The General Data Protection Regulation (GDPR) is a legal standard that applies in all EU member states and whose scope for design and interpretation leaves virtually no room for loopholes and opportunities for data misuse. On the other hand, the GDPR - like a wave of consumerism - is being utilised by lawyers, specialist consultants, auditing institutes and many companies. Since the introduction of the new data protection regulation "GDPR", we have occasionally been confronted with comprehensive declarations to be submitted, especially by trading partners and resellers. Such "declaration templates" often consist of 20 pages or more. This is despite the fact that a law requires compliance with the regulation.
The General Data Protection Regulation (GDPR) is a relatively new law that is intended to ensure standardisation of data protection at EU level. We have sought specialist legal advice on the implementation of the requirements and conditions of our privacy policy. We take data protection - including the protection of our customers' and their customers' data - very seriously. And not just since the introduction of the GDPR. The creation of our privacy policy was associated with considerable financial and administrative expenses.
How far the legislator and the courts of the member states will go if the GDPR is not feasible will only become clear after several years of application. Even calling a patient by name in the doctor's waiting room or greeting a guest in a hotel in a friendly manner reveals grey areas in terms of data protection law.
Before we examine additional, customer-specific data protection declarations submitted to us, we ask you to indicate which areas of our own data protection declaration are not sufficient to guarantee the data protection request. We will subject every matter presented to a specialist lawyer's review in order to adapt our privacy policy for the benefit of all customers. Furthermore, in most cases we are not always able to assess the legal implications of a third-party declaration. It would by no means be in the spirit of the legislator to make declarations out of "favour" or "convenience" that the ongoing business operations themselves cannot ensure.
If expressly requested by customers or trading partners - to file separate data protection declarations that go beyond our own declaration framework to maintain the business relationship, these declaration templates should be checked and, if necessary, harmonised by a specialist lawyer at cost. Only an experienced specialist lawyer can provide an unambiguous, legally secure confirmation of "special data protection" and also carry out a binding, operational harmonisation. In this case, please confirm to us in writing that you will pay the fees and charges incurred.
Thank you for your kind attention.