You can see the rules and regulations in other jurisdictions.
May 25, 2018 The General Data Protection Regulation (GDPR), based on German law, governs data protection. The GDPR aims to prevent the collection and use of data relating to individuals. The exception is when it is duly necessary (Article 1 GDPR). If the responsible authority has the means within the scope of the law to identify a subject, the data is considered to belong to natural persons.1
It is possible to collect and process personal data. This requires legal authorization and the consent of the data subject (Article 6(1) GDPR). Before this procedure, the user must be aware of the nature, scope and purpose of the data collection.1
Digital profiling is based on these principles. The GDPR works with typical forms of digital profiling. Automated individual decision-making, including profiling, must comply with Article 22 GDPR; secondly, a decision that produces legal consequences for the data subject must not be based solely on automated processing (Article 22(1) GDPR). Article 22(1) GDPR does not apply if the decision: (1) is necessary for the conclusion or execution of a contract between the data subject and the data controller; (2) is authorized by law to which the controller is subject and which also establishes appropriate measures to protect the rights and freedoms and legitimate interests of the data subject; or (3) is based on the explicit consent of the data subject (Article 22(2) GDPR).1
Cross-border payments in Germany
Participation as a lawyer at investment venture funds, leading venture M&A deals in IT, supporting iGaming and business assets
We work for international SMEs, startups and Telco's
Legal support for FinTech and Blockchain projects
