Energy supplier

The dynamic and increasingly competitive corporate environment today confronts energy suppliers more than ever with Data Protection Requirements. This covers all areas of a modern business enterprise. Energy suppliers need to balance between practical and economical processing of customer data and the safeguarding of customer rights. Meeting numerous Data Protection Requirements, starting with marketing measures via online presence to CRM and billing systems and the inclusion of service providers within the scope of Contract Data Processing.

Energy suppliers must consider the stricter obligations, such as the “right to be forgotten”, reporting obligations in the event of Data Protection violations and documentation and accountability obligations under the GDPR. The use of external service providers and associated Data Processing on behalf of the Data Controller also has great impact.

In addition, the energy industry is constantly facing new challenges resulting from advancing technology and digitization. However, where Climate Protection affects Data Protection, it is important to pragmatically take up the much quoted image of the “transparent customer” or the “transparent consumer” and design it in the sense of “Privacy by Design” in such a way that the legitimate interests of providers and consumers are brought into line.

Security of processing

Another point that energy suppliers must particularly pay attention to is the security of processing (Art. 32 GDPR). In this context, the focus also lies on possible critical infrastructures (e.g. the protection of mobile end devices). If Personal Data are analyzed and subsequently automated decisions are derived from this data, Art. 22 GDPR must be considered.

Whether in these promising sub-areas or in more conventional areas of Data Management, we offer tailor-made concepts with an eye for the essentials. Our team of experts will advise comprehensively in all areas mentioned above. We test and evaluate CRM systems as well as develope consent concepts or pseudonymisation or anonymisation processes. We provide compliant support but at the same time assist in practical implementation of Data Protection Requirements.