Profile
Erdem Durmus was born in Darmstadt in 1995. In 2017 he completed his studies in Information Law (LL.B.) at the University of Applied Sciences Darmstadt with a very good grade point average. He wrote his bachelor thesis on the right to data portability according to Art. 20 GDPR. Following his bachelor's degree, he also studied the consecutive masters course in Global Licensing (LL.M.) at Darmstadt University of Applied Sciences and also completed this second course of study with a very good grade point average. He wrote his master's thesis, in cooperation with the Fraunhofer Institute for Secure Information Technology (SIT), on the GDPR-compliant erasure of e-mails.
Erdem Durmus is a data protection enthusiast and has specialised in this field for many years. During his studies, he obtained three certificates of competence as a data protection officer and is also certified as a Certified Information Privacy Professional/Europe (CIPP/E). During his studies, he worked in the legal department of Döhler GmbH, where he was familiar with mainly data protection issues and worked in the Group Corporate Data Protection of Deutsche Lufthansa AG at Frankfurt Airport. He is also the author of numerous articles on data protection law in specialist journals.
Professional Vita
- since October 2019: External data protection officer at NOTOS Xperts GmbH in Darmstadt
- November 2020 - February 2021: Lecturer for the course Internet Law in the degree programme Business Administration (M.Sc.) at the University of Applied Sciences Darmstadt
- January 2019 - September 2019: Working student data protection at NOTOS Xperts GmbH in Darmstadt
- September 2018 - December 2018: Intern in Group Corporate Data Protection at Deutsche Lufthansa AG in Frankfurt am Main
- November 2017 - May 2018: Working student in the legal department of Döhler GmbH in Darmstadt
- October 2017 - September 2019: Masters Degree study in Global Licensing (LL.M.) at the University of Applied Sciences Darmstadt
- October 2016 - September 2018: Student advisor for the Information law courses at Darmstadt University of Applied Sciences
- October 2014 - September 2017: Bachelor's degree study in Information Law (LL.B.) at the University of Applied Sciences Darmstadt
memberships
- International Association of Privacy Professionals (IAPP)
- The German Association for Data Protection and Data Security (GDD)
- The Association of Data Protection Officers (BvD)
- Alliance for Cybersecurity (ACS)
- Darmstadt legal association (dajurge)
Publications / talks (selection)
- Impacts of Data Protection by Design and by Default Pursuant to Art. 25 GDPR on Asian (Software) Companies, HONGKONG LAWYER 08/2020, 27 ff. (with Jens Engelhardt)
- Überprüfung und Aktualisierung von Datenschutzmaßnahmen gem. Art. 24 DSGVO, DSB 2020, 122 f. (on p. 16 or p. 122)
- KI und Datenschutz: Zwei Seiten einer Medaille, LR 2020, 9 ff. (with Jens Engelhardt)
- Die DSGVO-konforme Löschung von E-Mails - Ein pragmatischer Wegweiser, Fachhochschulverlag, Frankfurt am Main, 2020
- Over 18 months of GDPR - a review of milestones and effects since applicability, HONG KONG LAWYER (with Jens Engelhardt)
- Der Unterschied zwischen dem berechtigten Interesse und dem Zweck der Verarbeitung, DSB 2020, 12 f.
- Unterstützungspflichten des Auftragsverarbeiters gegenüber dem Verantwortlichen, DSB 2019, 273 f.
- Das Löschen nach der DSGVO - Eine Diskussion der datenschutzkonformen Umsetzung bei E-Mails, DuD 12/2019, 786 ff. (zusammen mit Annika Selzer und Dr. Ulrich Pordesch)
- Gegenstand und Zweck von Controller-to-Controller Vereinbarungen, DSB 2019, 129 f.
- Die Berechnung der Geldbuße nach Art. 83 DSGVO: Konzernumsatz oder Umsatz einer einzelnen Gesellschaft?, DSB 2019, 94 f.
- Der Konzerndatenschutzbeauftragte nach der DSGVO – Eine pragmatische Darstellung, LR 2019, 13 ff.
- Praktische Umsetzung von Transparenzpflichten, RDV 6/2018, 297 ff.
- Das Recht auf Datenübertragbarkeit, RDV 2/2018, 80 ff.
Now available:
