Entries by Udo Steger

On the way to the financial cloud. Are cloud services full of “little fluffy clouds”?

On 8 November 2018, the German Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht, BaFin) published a guidance notice on outsourcing to cloud providers. In the following article, we take a first look at the new rules, which also apply directly to payment institutions. Are cloud services full of “little fluffy clouds”? Background “Cloud providers” promise […]

Is nobody expecting the Spanish Inquisition? The scope of the right to information under Art. 15 GDPR

Art. 15 GDPR (EU General Data Protection Regulation) stipulates in detail which rights of information a data subject can assert against a controller. But how can this be implemented in practice? How far does the right to information according to the GDPR go? The following article shows what those obliged to provide information should consider in […]

Forget me, forget me not – Data deletion policies under the GDPR

In connection with the EU General Data Protection Regulation (GDPR), many companies are wondering how to implement a “data deletion policy”. This article describes the essential steps that companies need to undertake when preparing a GDPR-compliant data deletion policy and the associated documentation. GDPR: Legal Background Companies must implement the GDPR by 25 May 2018. […]