Lawyers for data protection and artificial intelligence

AI is productive, trendy... and data-driven. Anyone who wants to use AI in their company must act in a legally compliant manner, not least in terms of data protection: from the selection of training data to automated decisions and data protection impact assessments (DPIA).

Where artificial intelligence works with data, the question of data protection law quickly arises.

Frequent questions in connection with the use of AI in our clients' companies are:
What data may be used? Which decisions may be automated? How and what must be documented? How must risks be weighed up? How must the data subjects be informed? And how can companies remain compliant with the GDPR and AI Act?

These questions are linked to typical data protection issues and risks associated with the use of artificial intelligence.

Inquiry Website

You have further questions about our consulting services? Talk to us or send us an e-mail.

You can also send us a message using the contact form below. If you wish, we can also call you back.

By pressing the "Send" button, your data entered in the contact form will be collected and processed for the purpose of answering your enquiry. You have the right to object at any time with effect for the future. Further information on the processing of your data by RDP Attorneys can be found in our data protection information.*

What is the sum of 9 and 2?

Typical data protection risks associated with the use of AI:

  • Use of personal data for training purposes
  • Processing of personal data by artificial intelligence (e.g., in chatbots, predictive analytics, or recommendation systems)
  • Automated decisions by AI (Art. 22 GDPR)
  • Lack of transparency, unclear legal basis,
  • Data transfers to third countries – often unavoidable with cloud AI models
  • Obligation to conduct a data protection impact assessment (DPIA) for high-risk AI applications
  • Conflicts with the AI Act: risk classification, documentation requirements, prohibitions

RDP Attorneys acts as the interface between data protection and AI for your company and helps you design AI processes in compliance with data protection regulations, avoid liability, and still use AI systems efficiently.

Our services at the intersection of artificial intelligence and data protection:

Strategic AI/data protection legal advice

  • Compliance strategies for the data protection-compliant use of AI in companies
  • Risk analyses in accordance with the GDPR and AI Act
  • Data protection impact assessments (Art. 35 GDPR) for AI projects
  • Advice on legal bases and consent management
  • Evaluation of training data / anonymization

Contract drafting

  • Data processing agreements (Art. 28 GDPR) with AI service providers
  • License and development agreements for AI software
  • AI-specific contractual clauses in customer and supplier contracts
  • Joint controller agreements for joint AI projects

Implementation and ongoing compliance

  • Data protection management systems for AI-based processing
  • Guidelines and processes for the data protection-compliant use of artificial intelligence in companies
  • AI training for developers and specialist departments
  • Incident response management in the event of data protection violations

Proceedings with authorities and legal representation

  • Representation before supervisory authorities in audits and penalty proceedings
  • Coordination of DSFA for AI systems with supervisory authorities
  • Representation in data protection and AI law disputes
  • Advice on complaints from data subjects

AI training courses and workshops:

  • Basic and awareness training for employees
  • Specialized training for HR, IT, and management, data protection coordinators
  • AI training for works councils

RDP lawyers for all questions relating to AI and data protection law

RDP lawyers have been advising companies and public authorities on IT law and data law for over 15 years – from international corporations to start-ups. We specialised in data protection law even before the GDPR came into force and were providing legal advice in the field of artificial intelligence long before the current AI hype.

Unlike traditional law firms, which focus primarily on case handling and contract drafting, we offer the entire spectrum of data protection law services: from the development of legal frameworks to training courses and workshops to project documentation and risk assessment.

This comprehensive expertise makes us your ideal partner for AI-related projects in companies where in-depth legal knowledge and practical implementation skills are equally important.

Would you like to find out more? Then please contact us for further information.

Or visit our blog and read more about how good data protection management helps with AI compliance.

RAin Michaela Berger

Your partner

Lawyer Michaela Berger, LL.M.

Specialist lawyer for IT law
certified data protection officer (TÜV Süd)
certified data protection auditor (TÜV Süd)

Michaela.Berger@rdp-law.de
Contact form