Internet of Things and the GDPR

The Internet of Things, or IoT for short, opens up new approaches to the protection of personal data. We support companies that are on the move in the context of the Internet of Things or are planning to do so. We help you with your individual data protection impact assessment (DPA) and the creation of your specific way to implement the General Data Protection Regulation (GDPR).

Specifically: Are you building refrigerators that communicate with their users? You design vehicles that interact with other vehicles, remember the behaviour of your drivers or obey local speed limits? The toys you make double as baby monitors? You produce technology solutions for self-sufficient dwellings? We at THALES love this form of innovation and are happy to support you in solving and complying with data protection challenges during product development. Particularly relevant in innovative industries and therefore in the area of the 'Internet of Things' are the data protection impact assessments (DPIA), which always have to be specially coordinated according to Art. 35 EU General Data Protection Regulation. We coordinate your concerns anonymously with supervisory authorities and advise you on individual questions of your product design as well as on implementation and corporate design.

Internet of things - particularly relevant aspects

  • Transparency and objection option for users at all times (data control)
  • Theoretical evaluation option (also unplanned) of movement data without consent and knowledge of data subjects
  • Information and consent of users of personal data in the IoT
  • Reconciliation and settlement of seemingly contradictory legal obligations such as the obligation to retain documents
  • Protection of sensitive data such as pulse measurement or sleep rhythms with fitness apps and trackers
  • Principles in the processing of location data, with possible inferences about people and their behaviour

Of course, these aspects can only be presented as examples and are by no means exhaustive. If you are active in the area of the Internet of Things IoT or your business is now or will be affected by this topic in the future, let's talk about your individual requirements.