Data protection has recently become a ‘hot topic’. Whether as a blessing or a curse, by 25 May 2018 at the latest, when the General Data Protection Regulation comes into effect, group companies, medium-sized enterprises and even small companies need to have appropriate solutions to their data protection issues. However, the “sword of Damocles” threat of million-pound fines is often over-stated. Blanket statements can mean that the baby is thrown out with the bath water: the new law also means that intelligent data protection concepts should be carefully considered, which can be customised with a sense of proportion and reason. However, little can be achieved with only a hastily assembled basic understanding. This is because, without a sound basis, - namely the knowledge of specific rules that have been formed over decades and many years of experience - there is little to be gained from data protection law, but a great deal to be lost in the meantime. We support you in developing suitable strategies based on your priorities. We do not just tell you what is not allowed. Instead we tell you what is allowed and, above all, how it is allowed – here are some examples: