Incomplete GDPR Policy Leads to Penalty for German Lawyer
German Legal specialists Nikolaus Bertermann and Florian Hensel wrote an opinion article which discussed the finding in relation to the unencrypted form and mentioned it as “This is already technically questionable, since data on forms is frequently transmitted via email, so that the website encryption would have no influence at all on the transmission of data provided in the forms.” You can read the full article here.
Along with this ruling, Würzburg Regional Court also ruled that that actions of the legal firm were not in line with market conduct rules. Due to this the firm was also hit with injunctive relief claims under the Act against Unfair Commercial Practices. This ruling was due to two earlier decisions of Hamburg Higher Regional Court and Cologne Higher Regional Court.
Those rulings were come to due to the Telemedia Act legislation as they were made before the introduction of GDPR.
GDPR, which became enforceable in the European Union on May 25 – after a long period of review and preparation, was created to protect the private data of all those within the EU and the European Economic Area (EEA). Along with this it makes allows for the export of personal data outside these legislative region.