Data Protection Law | Cybersecurity


Data Protection Law| Cybersecurity

We advise and support companies of all sectors and sizes in the development, implementation, and maintenance of holistic data protection compliance.

With the practical and interdisciplinary knowledge gained from countless complex national and international GDPR projects as well as local and cross-border cooperation with Deloitte’s IT, cyber security, and process consulting experts, we can provide our clients with comprehensive support on all aspects of data protection.

The focus of our work is on carrying out implementation and audit projects, acting as external data protection officers, preparing all data protection documentation, ensuring operational data protection, advising on international data transfers, and developing deletion concepts.

We also advise companies intensively in connection with cyber incidents. The focus here is on communication plans, reporting to the relevant authorities, cyberincident management and cyberincident response plans as well as data protection evaluations. Our work is carried out in close coordination with Deloitte’s Cyber Risk and Forensic teams.

Our Data Protection Team consists of experienced experts who offer our clients best-practice advice based on their sound legal know-how and extensive practical experience.

Your contact

Sascha Jung

Partner | Attorney at Law


Our expertise in Data Protection Law | Cybersecurity

Support with initial and follow-up implementations as well as carrying out modular gap and maturity analyses to identify and possibly process data protection risks and optimization potential.

Conceptualization of data protection governance, creation, review, adaptation and updating of the necessary data protection documentation as well as preventive advice on the introduction of data management systems.

Development of target group-oriented training concepts and documents as well as preparation and implementation of individually tailored data protection training courses to raise awareness among employees and managers.

Acting as external (group) data protection officer for SMEs and global corporations.

Development of practical storage and deletion concepts and support in their technical implementation.

Design of pragmatic and data protection-compliant solutions for cross-border and group-wide data transfers (SCCs, BCRs, TIAs, etc.).

Advice and representation before national and international courts and authorities in data protection disputes as well as in internal and external investigation proceedings.

Advice on all issues relating to ensuring operational data protection with a focus on drafting and negotiating data protection company agreements, data protection policies and setting up and running internal and external whistleblowing systems.

Ad-hoc 24/7 advice following data protection incidents as well as support with data recovery measures and seamless cyber incident response services.

Auditing and advice on the data protection-compliant design of digital business models and products.

Interdisciplinary privacy consulting with worldwide resources from the global Deloitte Legal and Deloitte network at the interface to IT consulting, cyber security, and process management.

Our projects

Ongoing advice for the entire Austrian BUWOG Group as its external data protection officer

Negotiation and management of the entire (approx. 1,000 contracts) processor contract portfolio of Sage Österreich GmbH

Conducting a comprehensive GDPR Sanity Check for Raiffeisen Bank International

Data protection conceptualization and implementation of the Alles Clara App to support family care-givers of the Erste Bank Stiftung

Support of the global PUIG Group in the context of GDPR implementation and ongoing data protection issues and as external data protection officer

Advising a global pharmaceutical company on data protection law in connection with the Europe-wide market launch of a new medical product

Advising Salzburg AG on the admissibility of cloud services under Data Protection Law

Preparation of expert opinions on questions of international data transfer for the global animal welfare organization Vier Pfoten

Our Data Protection Law | Cybersecurity experts

Data Protection Law| Cybersecurity News

“Most users give very little thought to when they enter which data into which AI systems.”

Christian Kern, lawyer in the Data Protection | Cybersecurity & IP/IT | Media Law team, explains the data protection concerns regarding home DNA tests.

A recent ECJ verdict confirms that states may not circumvent the ban on data retention by obliging private providers to collect data from the state by law.