Skip to content

On the safe side: Imprint and privacy policy

Imprint and privacy policy

By now, most companies know that they have to make an imprint and a privacy policy available on their website - otherwise, there is the threat of high warnings and serious legal consequences. In order to be able to complete the topic quickly, the texts are taken over in a hurry from googled online generators. In doing so, the text for the data protection statement is often copied directly under the imprint section, which is illegal according to a decision of the Higher Regional Court of Hamburg and can have serious consequences. One thing is certain: every website needs a privacy policy that is complete in terms of content and can be called up separately from the imprint! We have summarised what companies must pay attention to when setting up an imprint and data protection declaration on their website and what will change in 2018 with the General Data Protection Regulation:

Data security in digital commerce: EU-US Privacy Shield holds up

Data security in digital commerce

There are hardly any physical borders left to constrict expanding online trade. However, legal differences persist between increasingly interconnected nations and companies that can be an obstacle to the development of global e-commerce: For example, on 22 November 2017, the General Courts of the European Court of Justice rejected a challenge to the EU-US Privacy Shield regulating transatlantic data sharing. This ruling was made at the European level and is relevant for companies from all over Europe involved in digital commerce, as the issue of data protection cannot be ignored when managing customer data.

The EU-US Privacy Shield is the successor to the Safe Harbor agreement, which was the legal basis for personal data transfers between the EU and the US until 2015. As explained in our detailed overview on the topic of international data protection, strict data protection principles apply within Europe, which must also be adhered to when transferring data to third countries - even if they are not bound by the EU's data protection regulations. This becomes a problem when a third country like the US falls short of European data regulations and is considered "unsafe". Since 2016, the EU-US Privacy Shield has protected the personal data of European citizens that is securely transferred to US companies in the course of this - which could be the case when using American software, for example.

End of geo-blocking: What's important to know about the EU compromise

The end of geo-blockings

Customers may no longer be treated differently or even disadvantaged in cross-border online trade within the EU. This was decided by the European Parliament, the Council and the Commission in November 2017 as part of an EU compromise to end unjustified geo-blocking. "(...) Under the new rules, Europeans will be able to choose which website to shop on without being blocked or redirected. Next Christmas, this will be a reality," said Andrus Ansip, Vice-President for the Digital Single Market.

Duty before free: The new packaging law for online retailers

The new packaging law for online retailers

With the new German Packaging Act (VerpackG) coming into force on January 1, 2019, it is once again clear that digital commerce involves much more than simply setting up and operating an online store. Legal changes have a direct impact on day-to-day digital business, which is why we have summarized the innovations of the VerpackG that are relevant for every store operator of physical goods.

New law: Missing data protection statement threatens warning notice

Missing data protection statement threatens warning notice

The "Act to Improve the Civil Enforcement of Consumer Protection Provisions of Data Protection Law" came into force on February 24, 2016. This is intended to protect consumers on the Internet from dubious providers. For website operators, the new law means above all that consumer protection associations and competition associations can now issue warnings for violations in the area of data protection.