The Team

We are experts in IT and data protection law.
Together with you, we will find the optimal solution for your problems.

Dr. Bernhard Freund, M.Comp.Sc., LL.M. (Wellington)

Lawyer, Certified IT Lawyer, certified Data Protection Officer (TÜV) and CIPP/E

Email: bernhard.freund@planit.legal
Phone: +49 (0) 40 609 44 190

More info
Certifications
  • Data protection officer (TÜV), certified by the TÜV Nord
  • Certified Information Privacy Professional/Europe (CIPP/E)
Membership
Presentations
  • Big Data and Privacy, Center for Business Law (CUR), Osnabrück 2017
  • IT Security Law (in Industry 4.0 and Internet of Things), Robert Bosch GmbH, Stuttgart 2017
  • Data Protection in the Dentist’s Surgery: Legal consequences of the increased interconnectedness [Datenschutz in der Zahnarztpraxis: Rechtliche Folgen der zunehmenden Vernetzung], Freier Verband Deutscher Zahnärzte e.V., Leipzig 2016
  • The Security of Digital Communication in the 21st Century – a Dialogue on Privacy and Data Protection Laws in the U.S. and Germany, German-American Jurists’ Association (DAJV e.V.), Berlin 2014
  • Damages for Violation of the Right of Personality: Legal Prerequisites and Avoidance Strategies (with a Focus on Video Surveillance and Mobbing) [Schmerzensgeld bei Verletzung von Persönlichkeitsrechten: Voraussetzungen und Vermeidungsstrategien (Schwerpunkte Videoüberwachung und Mobbing)], Symposium on Employees’ Privacy of the TÜV NORD Academy, Hamburg 2014
  • Bring Your Own Device (BYOD) – Legal Aspects [BYOD – Rechtliche Aspekte], Spring Summit of the Network User Group (BGNW), Lübeck 2013
  • Privacy after Snowden – Consequences of the NSA Scandal for Data Protection Law [Datenschutz nach Snowden – Datenschutzrechtliche Folgerungen aus dem NSA-Skandal], Palma de Mallorca 2013
  • Buying and Selling Data, Joint conference of the British-German Jurists‘ Association and the Deutsch-Britische Juristenvereinigung e.V., Aachen 2012
  • Internal Investigations and Privacy [Internal Investigations und Datenschutz], Workshop of the Federal Association of Inhouse Counsels (BUJ), Hamburg 2012
  • Facebook & Co. in Your Company [Facebook & Co. im Unternehmen], Hamburg 2012
  • Marketing 2.0 – a Journey into a Legal Vacuum? [Marketing 2.0 – Expedition in rechtsfreie Räume?], Hamburg 2012
  • Data Transfer to Third Countries – Model Clauses, Binding Corporate Rules, Safe Harbor [Datenübermittlung in Drittstaaten – Model Clauses, Binding Corporate Rules, Safe Harbor], Berlin, Hamburg and Stuttgart 2012
  • Facebook Friend Finder / IPv6 [Facebook Freundefinder / IPv6], Hamburg, Berlin, München and Stuttgart 2011
  • Using Defeasible Logic Programming for Argumentation-Based Decision Support in Private Law, Conference on Computational Models of Argument (COMMA 2010), Desenzano del Garda 2010
Publications
  • Commentary on GDPR articles relevant to the IT industry, in: Schuster/Grützmacher, IT Law Commentary [IT-Recht Kommentar], Otto Schmidt Verlag 2020
  • Controller-Processor Relationships [Auftragsverarbeitung], in: Intveen/Gennen/Karger, Handbook Software Law [Handbuch des Softwarerechts], Anwaltverlag 2018, joint publication with M. Grützmacher
  • After the Hard Fork – May the Crypto Exchange keep Bitcoin Cash? [Nach dem Hard Fork – Darf die Börse Bitcoin Cash behalten?], BTC-Echo, 8. August 2017
  • Perspektiven der Auftragsverarbeitung, ZD 2017, 14, joint publication with B. Schmidt
  • Guidance Notes: Health and Pharma Overview, Data Guidance 4/2016, joint publication with B. Schmidt
  • Specific Performance in the Law of Sales: History – Comparison – Unification [Erfüllungszwang im Kaufrecht, Geschichte – Vergleich – Vereinheitlichung, Schriften zum internationalen Recht], Schriften zum Internationalen Recht (SIR) Bd. 204, Duncker & Humblot 2015
  • IT Security Act, On the Draft Act against Cyber Attacks [IT-Sicherheitsgesetz, Zum neuen Entwurf eines Gesetzes gegen Cyber-Attacken], ITRB 2014, 256-260
  • The Nucleus of the Self-Responsibility of the Executive as a Limitation to the Right to Freedom of Information [Der Kernbereich exekutiver Eigenverantwortung als Schranke der Informationsfreiheit], DÖV 5/2012, 192-198 joint publication with C. Schnabel
  • On the Maximum Harmonization of European Data Protection Law by Directive 95/46/EC [Zur Frage der Vollharmonisierung des europäischen Datenschutzrechts durch die Richtlinie 95/46/EG], Anmerkung zu EuGH, Urt. v. 24.11.2011, C-468/10 u. C-469/10, CR 2012, 32-33
  • IPv6 – the End to Anonymity on the Internet? Technical Foundations and Legal Assessment of the New Internet Protocol (Bedeutet IPv6 das Ende der Anonymität im Internet? Technische Grundlagen und rechtliche Beurteilung des neuen Internet-Protokolls), MMR 2011, 495-499 joint publication with C. Schnabel
  • “And oh! I am glad that nobody knew…” – Self-Data-Protection when Using Telemedia Services [„Ach wie gut, dass niemand weiß…“ – Selbstdatenschutz bei der Nutzung von Telemedienangeboten], CR 2010, 718-721 joint publication with C. Schnabel
  • Can Bobby demand delivery? Towards a Knowledge-Based System in Private Law, Proceedings of the 24th Workshop on Constraint Logic Programming (WLP 2010) joint publication with C. Beierle, G. Kern-Isberner and M. Timm
  • Using Defeasible Logic Programming for Argumentation-Based Decision Support in Private Law, Proceedings of the Third International Conference on Computational Models of Argument (COMMA 2010) joint publication with C. Beierle, G. Kern-Isberner and M. Timm
  • On Mathematical Patterns in the Web of the Law Indicating a Quasi-Biological Evolution, Revue Juridique Polynésienne (RJP) 2007, 53-67

Bernhard is a founding partner of PLANIT // LEGAL. He advises on any data protection and IT law matters and is appointed as external Data Protection Officer by various companies. Clients value in particular the combination of his legal and technical experience.

Before founding PLANIT // LEGAL, Bernhard worked for the Hamburg Data Protection Authority (Hamburgischer Beauftragter für Datenschutz und Informationsfreiheit), as Lawyer for the Practice Group Technology, Media and Telecommunication in the Hamburg office of the international law firm CMS Hasche Sigle and as a software developer.

Bernhard studied law and computer science at the University of Bielefeld. After having accomplished his undergraduate studies and scientific research activities at the universities of Bielefeld and Torino, he completed his postgraduate studies in law (LL.M.) at the University of Wellington.

Bernhard was legal clerk (Rechtsreferendar) at the Hamburg Court of Appeal (Oberlandesgericht). During his legal clerkship he worked, inter alia, for international law firms and a public health insurance provider. During this time, he also finished his studies in computer science at the University of Hagen, majoring in artificial intelligence, with a thesis on knowledge-based systems.

Bernhard was Ph.D. student at the chair of Prof. Dr. Hans Schulte-Nölke, University of Osnabrück. He wrote his Ph.D. thesis on “Specific Performance in Sales Contracts” (Erfüllungszwang im Kaufrecht). Bernhard was associate professor (Lehrbeauftragter) for data protection law at the Hamburg University of Applied Sciences and currently is a trainer with the PLANIT // Academy.

Bernhard is fluent in German and English.

Dr. Bernd Schmidt, LL.M. (Auckland)

Lawyer, Certified IT Lawyer, certified Data Protection Officer (GDDcert.), and CIPP/E

Email: bernd.schmidt@planit.legal
Phone: +49 (0) 40 609 44 190

More info
Certifications
  • Data Protection Officer (GDDcert.)
  • Certified Information Privacy Professional/Europe (CIPP/E)
Membership
Presentations
  • Data Protection Regulation – Current Tasks for Your Compliance Organisation. Webinar Comparex Academy, 8 June 2017
  • Panel Discussion on Employment Data Protection 11th dtb / DGB Technologieforum, Berlin, 10 November 2016
  • CCTV – Data Protection vs. Retail Security? German Retail Security Network, Essen 19 October 2016
  • Legal Framework for Social Media and Mobile Marketing [Rechtliche Anforderungen bei Social Media und Mobile Marketing], Marketingfrühstück Marketing Club Hamburg, 4 July 2015
  • Consent Requirements for Tracking-Technologies in a German Legal Perspective [Einwilligungsvorbehalte für Tracking-Technologien im deutschen Recht], DSRI Herbstakademie in Göttingen, 10 September 2015
  • Outsourcing in the Insurance Sector [Outsourcing im Versicherungssektor], DSRI Herbstakademie 2013 in Berlin, 14 September 2013
  • Compliance – Management Obligations for Managing Legal Risks [Compliance – Die Vorstandspflicht zur Beherrschung von Rechtsrisiken], D-A-CH-Security in Bochum, 19 May 2009
Publications
  • Datenschutz durch den Betriebsrat – Problem geregelt aber nicht gelöst, Datenschutzberater 2021, p. 324
  • Data Protection 2021 – Germany, International Comparative Legal Guide, ICLG.com / Global Legal Group Ltd., London 2021, joint publication with Freund
  • Neuer Datenschutz: Gut vorbereitet auf die DSGVO 2018, eBook, Hamburg 2017
  • Einführung zum BDSG, in: Taeger/Gabel, Kommentar zum BDSG, 2. Aufl., Frankfurt a.M. 2013 zusammen mit Taeger
  • 1 Abs. 1 – 4 BDSG, in: Taeger/Gabel, Kommentar zum BDSG, 2. Aufl. Frankfurt a.M. 2013
  • Compliance in Kapitalgesellschaften, Baden Baden 2010
  • Datenschutz im anwaltlichen Home- und Mobile-Office, NJW 2021, p. 367, joint publication with Roschek
  • Überblick zum europäischen Datenschutzrecht, in: Specht-Riemenschneider / Werry / Werry, Datenrecht in der Digitalisierung, 1. Aufl. 2019, p. 63-92
  • Arbeitnehmerdatenschutz bei Unternehmenstransaktionen, in: Weth/Herberger/Wächter/Sorge, Daten- und Persönlichkeitsrechtsschutz im Arbeitsverhältnis, 2. Aufl. 2019, p. 608-61
  • Datenschutz-Organisation und -Dokumentation in der Anwaltskanzlei, NJW 2018, p. 1448
  • Perspektiven der Auftragsverarbeitung, ZD 2017, p. 14, joint publication with Freund
  • Datenschutzrechtliche Folgen des Brexit, in: Jusletter IT 22 September 2016, joint publication with Bischof
  • Guidance Notes: Employment, Data Guidance 6/2016, joint publication with Freund
  • Guidance Notes: Health and Pharma Overview, Data Guidance 4/2016, joint publication with Freund
  • Des Jägers Recht: Leitfaden zum rechtskonformen Wildkameraeinsatz, Wir Jagen 6/2016, S. 37
  • Dienstleister an fester Leine halten, Versicherungswirtschaft 2/2016, p. 22, joint publication with Bischof
  • Anforderungen an den Einsatz von Cookies, Browser-Fingerprinting und ähnlichen Techniken im deutschen Recht, K&R 2016, p. 86, joint publication with Babilon
  • Die Herausgabe von Datenträgern an nationale Ermittlungsbehörden, PinG 2014, p. 245
  • Strafrechtliche Risiken und Reformbedarf beim Outsourcing im Versicherungssektor, VersR 2014, p. 161
  • Risikomanagement und Compliance in der Genossenschaft, ZfgG 2013, p. 161, joint publication with Seegmüller
  • Aktenvortrag – Öffentliches Recht – Unterwegs mit dem Bierbike, JuS 2013, p. 547, joint publication with Herbord
  • Übermittlung personenbezogener Daten bei staatlichen Auskunftsbegehren, ZD 2012, p. 63
  • Arbeitnehmerdatenschutz in Norwegen, DuD 2012, p. 591
  • Einstweiliger gewerblicher Rechtsschutz durch Hamburger Gerichte, IPRB 2011, p. 261, joint publication with Baars
  • Die Zulässigkeit IT-gestützter Compliance- und Risikomanagementsysteme nach der BDSG-Novelle, DuD 2011, p. 88, joint publication with Jakob
  • IT-gestützte Compliance-Systeme und Datenschutzrecht, CR 2010, p. 540, joint publication with Heinson
  • Informationsmanagement und Compliance, in: Wissen und Wissensmanagement, Chancen in der Wirtschaftskrise, Oldenburg 2010, p. 217
  • Beschäftigtendatenschutz in § 32 BDSG, DuD 2010, p. 207
  • Datenschutzrechtliche Anforderungen und internationale Rechtspflichten zum Betrieb von Whistleblowing-Systemen, in: Governance – Entscheidungsfindung und -umsetzung innerhalb staatlicher und wirtschaftlicher Strukturen, Oldenburg 2009, p. 57-71
  • Arbeitnehmerdatenschutz gemäß § 32 BDSG – Eine Neuregelung (fast) ohne Veränderung der Rechtslage, RDV 2009, p. 193
  • Vertrauen ist gut, Compliance ist besser!, BB 2009, p. 1295

Bernd is a founding partner. He advises on any data protection and IT law matters and is assigned as Data Protection Officer for various companies. Clients value in particular his experience as external Data Protection Officer and his hands on advisory approach.
Before founding PLANIT // LEGAL, Bernd worked as Attorney at Law for the “Practice Group IT Commercial, Outsourcing” in the Munich office of Bird & Bird and as Attorney at Law and external Data Protection Officer in a boutique law firm for data protection law.

Bernd studied law at the Universities of Hannover, Lausanne and Münster. He made his postgraduate studies in commercial law (LL.M.) at the University of Auckland and his Ph.D. studies at the chair of Prof. Dr. Jürgen Taeger, University of Oldenburg. He wrote his Ph.D. thesis on “Compliance in Corporate Entities” (Compliance in Kapitalgesellschaften). During his Ph.D. studies Bernd was member of the German Research Foundation (Deutsche Forschungsgemeinschaft, DFG) graduate school “Trustsoft”.

Bernd was legal clerk (Rechtsreferendar) at the Bremen Court of Appeal (Oberlandesgericht). During his legal clerkship he worked, inter alia, for the Hamburg Data Protection Authority (Hamburgischer Beauftragter für Datenschutz und Informationsfreiheit) and the IT/IP groups of Taylor Wessing in Hamburg and Simonsen Advkatfirma in Oslo.

Bernd is member of the EuroPrivacy Certification Board of Experts and teaches at the PLANIT // ACADEMY.

Bernd is fluent in German, English and Norwegian.

Dr. Sebastian Heep

Lawyer
certified Data Protection Officer (TÜV)

Email: sebastian.heep@planit.legal
Phone: +49 (0) 40 609 44 190

More info
Membership
Publications
  • Protection under unfair competition law against deception of origin and exploitation of reputation in relation to design and trademark law, Dissertation, 2010, Jenaer Wissenschaftliche Verlagsgesellschaft, Writings on German, European and International Intellectual Property and Competition Law, Bd. 12

Sebastian joined PLANIT//LEGAL as a partner in 2020. He advises on all questions of IT law as well as on commercial and data protection law. Clients value his pragmatic and solution-oriented consulting approach, which stems from his extensive experience in the corporate environment and his work as an attorney in an internationally operating law firm.

Before joining PLANIT//LEGAL, Sebastian was an in-house senior legal counsel in the legal department of Körber AG, the holding company of an international technology group. As “Head of Commercial Law” of the business unit Medipak Systems, Sebastian provided legal advice to domestic and foreign software and machine building companies, particularly in questions of software contract law and commercial law. Sebastian has also accompanied the set-up of an internal digital unit and advised Körber AG on M&A transactions. Before joining the legal department of Körber AG, Sebastian was an attorney and senior associate in the Hamburg office of CMS Hasche Sigle, specializing in IPR, commercial law and life science.

Sebastian studied law at the University of Konstanz. After the first state examination in law, he received his ph.D. under Prof. Dr. Jochen Glöckner, LL.M. on the subject of “Lauterkeitsrechtlicher Schutz vor Herkunftstäuschung (§ 4 Nr. 9 lit. a UWG) und Rufausbeutung (§ 4 Nr. 9 lit. b UWG) im Verhältnis zum Geschmacksmuster- und Kennzeichenrecht“ and was a research assistant at the Chair for German and European Private and Business Law of Prof. Dr. Jochen Glöckner, LL.M. .

Sebastian completed his legal clerkship at the Hanseatic Higher Regional Court in Hamburg, including stations at CMS Hasche Sigle in Hamburg and at the German Chamber of Commerce, Hong Kong.

Sebastian is fluent in German and English.

Dr. Anna-Kristina Roschek

Lawyer
certified Data Protection Officer (TÜV)

Email: anna.roschek@planit.legal
Phone: +49 (0) 40 609 44 190

More info
Certifications
  • Data protection officer (TÜV), certified by the TÜV Nord
Presentations
  • Digital Leadmanagement using the example of Hubspot, Datenschutzkonferenz Düsseldorf, September 2021
Publications
  • Comments on the European Commission’s green Paper on Improving the Efficiency of the Enforcement of Judgements in the European Union: The Attachment of Bank Accounts, ECFR 2007, p. 252
  • Interpretative Relationship between Brussels I and the Future Rome I Regulation, IPRax 2008, p.96
  • The Enforceability Declaration and Enforcement of Foreign Titles in the European Union, Dissertation, Mohr Siebeck 2009
  • Data Protection in the Lawyer’s Home and Mobile Office, NJW 2021, p. 367
  • Preventing the Failure of Complex IT Projects through Good Contract Drafting, DATENSCHUTZ-BERATER 2021, p. 108-111

Anna joined PLANIT//LEGAL as a partner in 2020. She advises on all questions of data protection and IT law with a focus on IT projects, IT commercial and data protection compliance. She is also appointed as external data protection officer for companies. Clients value her practical experience gained both from internal consulting in a Group environment and from external consulting.

Before joining PLANIT//LEGAL, Anna was Senior Legal Counsel at Körber AG, the holding company of an international technology group. In addition to providing legal advice to software and mechanical engineering companies in the logistics and pharmaceuticals sector, Anna has been responsible for setting up a group-wide data protection organization. She also providing comprehensive legal advice to the internal IT provider of the Körber Group on the centralization of IT, among other things within the scope of a global infrastructure project. Before joining the legal department of Körber AG, Anna was an attorney in the Hamburg office of Taylor Wessing in the Practice Area Corporate and the Industry Group Energy.

Anna studied law at the University of Hamburg. During her studies, she was a student assistant to Prof. Dr. Jan Kropholler at the Max Planck Institute for Foreign and International Private Law in Hamburg. After the first state examination in law, she did her ph.D. under Prof. Dr. Ulrich Magnus on the subject of “Enforceability declaration and enforcement of foreign titles in the European Union” and was at the same time a research assistant at the Max Planck Institute for Foreign and International Private Law.

Anna was legal clerk (Rechtsreferendar) at the Hamburg Court of Appeal (Oberlandesgericht). During her legal clerkship she worked, inter alia, at the District Court (Landgericht) of Hamburg in the Chamber for IPR, Competition and Patent Matters.

Anna is fluent in German and English.

Ruben-Alexander Hubert

Lawyer
IT Security Officer (TÜV)

Email: ruben-alexander.hubert@planit.legal
Phone: +49 (0) 40 609 44 190

More info

Ruben joined PLANIT // LEGAL in 2019. He supports the firms advisory services in data protection and IT law matters. Further, he develops legal-tech applications for PLANIT // LEGAL. Clients value in particular his understanding of and enthusiasm for software and information technology.

Ruben studied law at the Christian-Albrechts-University (CAU) in Kiel. He was legal clerk (Rechtsreferendar) at the Schleswig-Holstein Court of Appeal (Oberlandesgericht). During his legal clerkship he worked, inter alia, at the Regional Court of Lübeck (Landgericht) and in law firms specializing in IT and data protection law, in particular the IT department of Taylor Wessing in Hamburg.

In addition to his legal activities, he is involved in the development of web applications.

Ruben is fluent in German and English.

planit legal christian putzar

Christian Putzar

Lawyer
certified Data Protection Officer (TÜV)

Email: christian.putzar@planit.legal
Phone: +49 (0) 40 609 44 190

More info

Christian is Counsel at PLANIT // LEGAL. He advises on any Data Protection matters, IT law and commercial law. Clients value Christian in particular as troubleshooter with strong analytical skills and a vast experience of both a lawyer and an in-house counsel.

Before joining PLANIT // LEGAL Christian worked as Senior Legal Counsel to the FINANZCHECK Group, where he supported the growth from a small start-up to one of Germany´s leading FinTech-companies. He provided expertise to both management and staff to all matters in the fields of Data Protection, IT-law, Marketing and Sales. Prior to FINANZCHECK, Christian worked for the Litigation department of Latham & Watkins LLP, where he gained considerable litigation experience in a wide range of legal fields, such as Investment law, Insurance Law, Insolvency Law, and Competition Law. Before his time at Latham & Watkins, Christian worked as lawyer for an expert law firm specialized on media and IP law.

Christian studied law at the universities of Osnabrück, Hamburg and at Charles University Prague. He was a legal clerk (Rechtsreferendar) at Celle Court of Appeal. During his clerkship (Rechtsreferendariat), he worked, inter alia, for the Chamber of Hamburg District Court ruling on press law (“Pressekammer”).

Christian is fluent in German and English.

planit legal nils eckert

Nils Eckert

Lawyer

Email: nils.eckert@planit.legal
Phone: +49 (0) 40 609 44 190

More info

Nils joined PLANIT // LEGAL as Counsel at the beginning of 2022. He advises in data protection and IT law. Clients particularly value his practical experience from internal consulting in the corporate environment.

Nils studied law in Hamburg and Madrid with a focus on information and communication law. He completed his legal clerkship (Rechtsreferendariat) at Celle Court of Appeal (Oberlandesgericht). During his clearkship (Rechtsreferendariat) he worked, inter alia, at the law firm Senfft, which specializes in press and media law, and at the Hamburg District Court in the chamber ruling on press law.

Before joining PLANIT // LEGAL, Nils worked as legal counsel for the media company gamigo AG, where he was a member of the central legal department of the parent company Media and Games Invest SE, responsible in particular for corporate and compliance law issues.

Nils is fluent in German, English and Spanish.

planit legal ariane jung

Ariane Jung

Lawyer
certified Data Protection Officer (TÜV)

Email: ariane.jung@planit.legal
Phone: +49 (0) 40 609 44 190

More info

Ariane Jung is Associate at PLANIT // LEGAL. She advises and represents clients in particular in data protection law. Her advisory focus is data protection and digital compliance, representing clients in legal and regulatory proceedings, and advising on contract negotiations. Ariane Jung supports her clients in the role as a lawyer and as an external data protection officer.

Clients particularly appreciate her solution-oriented and pragmatic consulting style as well as her open and clear communication. Ariane Jung “always has the clients’ needs in mind” and “works jointly with her clients to find the best solution ” for their (data protection) queries.

Before joining PLANIT // LEGAL, Ariane Jung was a lawyer at FECHNER Rechtsanwälte in Hamburg, where she focused on advising clients from the advertising industry on all digital compliance issues.

Ariane Jung studied at the Universities of Hanover and Bonn. After graduation, she worked for SKW Schwarz in Berlin, UNVERZAGT Rechtsanwälte in Hamburg and MÖHRLE HAPP LUTHER in Hamburg, where she was a professional support lawyer in data protection and IT law as well as in IP and drug advertising law.

Ariane Jung completed her legal clerkship at the Celle Court of Appeal (Oberlandesgericht Celle), including stations at the Regional Court of Lüneburg, the Hanseatic Court of Appeal in Hamburg (3rd Civil Senate) and the Hamburg Data Protection Authority (Hamburgischer Beauftragter für Datenschutz und Informationsfreiheit).

Ariane Jung is fluent in German and English.