88th Meeting of the GDD ERFA Circle Bavaria

On Sep. 22nd, 2023, we were able to participate in the first face-to-face meeting of the GDD Bavarian ERFA Circle since 2019. The German Association for Data Protection and Data Security (GDD) organises Experience Exchange Groups (ERFA-Circles) as a forum for experts in the field of data protection and data security to share their knowledge and opinions.

On the premises of Giesecke+Devrient, the participants were able to gain exciting insights into the work of colleagues and supervisory authorities.

For the Bavarian State Office for Data Protection Supervision, Dr Mirka Möldner gave an overview over the Office's activity report for 2022 and answered intriguing boundary questions on the new data transfer agreement between the EU and the US (EU-U.S. Data Privacy Framework). In the opinion of the BayLDA the Data Privacy Framework would replace existing Standard Contractual Clauses (SCC). These could not be used if the DPF applies. Privacy Notices should reflect this change. However, companies may fall back on those sections of the SCC which reflect the requirements of Art. 28 GDPR.

Mr Jonas von Dall'Armi from Giesecke+Devrient spoke about the Data Act and gave an outlook on the sometimes difficult situations that "data holders" will face under the Data Act.

Mrs Sarah Johanna Zech from Allianz offered practical insights into how Allianz is already implementing key aspects of the forthcoming AI Act and which requirements companies will have to meet.

The excellent series of talks was concluded by Mrs Sandra Stocker (Giesecke+Devrient), who gave a very practice oriented presentation on the automatic risk management in group companies using questionnaires and the Record of Processing Activities.

Further discussions with other participants rounded off the event.

Enobyte is looking forward to future meetings of the GDD-ERFA circle to keep our finger on the pulse of data protection.