IT contract law and data protection law

Due to its additional lack of transparency in terms of the service provider and the processing locations, cloud computing is entering unknown legal terrain.

Cloud agreements and the cloud service itself must thus meet stricter demands compared with typical IT service agreements.

  • Guaranteeing effective implementation of user interests vis-à-vis the main provider, but also the provider’s subcontractors
  • Compensation for reduced transparency through improved information obligations and monitoring regulations
  • Stricter requirements in terms of technical verifiability of processing procedures

We take care of the contract law aspects, and this is not new terrain for us!

Data privacy law

We help you to ensure the privacy of your data – also in the cloud!

German and European data protection authorities have defined far-reaching specifications for cloud computing for compliance with German and/or European data protection law. These specifications relate to contract management but also to technical and organisational safeguards:

  • Conclusion of a contract data processing agreement as per §11 of the German Federal Data Protection Act (BDSG)
  • If in other EU countries, ensuring an adequate data protection level – for example, through standard agreement clauses for contract data processors
  • Validation and certification of the cloud provider
  • Penalties in case of processing personal data in breach of contract or contrary to instructions
  • Duty to inform in case of unauthorised access by third parties
  • Defining the technical and organisational measures

Contact us!

Tanja Cech

Tanja Cech

Certified Tax Advisor, Lawyer, Partner
Tax & Legal
personView bio