Data Security

Protection of data related to individuals is guaranteed by law
(Article 2 of the German Grundgesetz)

   .: The German Data Protection Act regulates the rights of individuals as informal self-determination.
   .: Violations of the Data Privacy laws in relation to customer data are simultaneously violations of laws against unfair
       competition and can incur additional and highly punitive monetary charges
   .: The correct handling of personal data also increases the level of trust customers and employees have in the corporation

The right to informal self-determination includes:

   .: The handling of person-specific data is only allowed in the context of a clear purpose known to the affected individual
   .: The most important permissions are the consent of the person concerned, a contract with the person concerned
      (e.g. an employment contract) or laws (e.g. Social and Fiscal legislation)
   .: The handling of the data must be done in a secure and auditable environment (with controls consistent with the
      demands of the German Data Protection Act)

  Consulting-Offer:
  Verification of secure execution of tasks and confirmation of adherence to the
  German Data Protection Act

Assignment	Competence within the corporation
Allocation of an internal data protection commissioner (DSB)	CEO
Audit Trail for data security	IT-Manager
Support of the public index of procedures	Data Protection Commissioner
Legal compliance in the event of Outsourcing	CEO , Data Protection Commisioner
Creation and support of internal supervisory processes	Data Protection Commissioner
Information and Training of employees	Data Protection Commissioner
Compliance of employees with data protection and secrecy legislation	CEO, Human Resource Manager
Briefing of IT projects with regards to person-specific data and supervisory control	IT/ responsible department will inform Data Protection Commissioner
Enforcing of compliance with the legislation	Data Protection Commissioner and all employees
Monitoring of proper usage	Data Protection Commissioner
Compliance of contractors with IT policies	Responsible Department and Data Protection Commissioner
Notification of IT policy to the affected persons	Responsible Department and Data Protection Commissioner
Disclosure about saved data	Data Protection Commissioner
Correction/changes of saved data	Responsible Official
Blocking and deleting of data	Responsible Official

Preparation of data protection audits by an inspection authority

   .: Processing of checklists
   .: Gap closures
   .: Supervision of audits

Data Security

Protection of data related to individuals is guaranteed by law (Article 2 of the German Grundgesetz)

The right to informal self-determination includes:

Consulting-Offer: Verification of secure execution of tasks and confirmation of adherence to the German Data Protection Act

Preparation of data protection audits by an inspection authority

Protection of data related to individuals is guaranteed by law
(Article 2 of the German Grundgesetz)

Consulting-Offer:
Verification of secure execution of tasks and confirmation of adherence to the
German Data Protection Act