Article: Codes of Conduct in German Employment Relationships – A Measure to Adequately Implementing Compliance and Data Protection?

Abstract

Compliance as well as Compliance-Management-Systems, Codes of Conduct and General Data Protection Regulation are widely known terms in any (multinational) corporation. In daily legal practice, however, Codes of Conduct containing or being combined with Codes of Conduct according to Art. 40 GDPR (GDPR codes) are unlikely to being drafted or published. Particularly by employers and thus corporations. This is for a good reason. Addressing codes of conduct within corporations, it is not yet comprehensively analyzed whether GDPR codes may be lawfully drafted by corporations or – if drafted lawfully – whether these are appropriate measures within employers’ Corporate Compliance-Management-Systems. Aiming to contribute to the discussion in this respect, this paper contours possible considerations of the analysis explicitly encouraging colleagues to critically think of this topic as well. Eventually, if GDPR codes are appropriate measures, lawfully and comprehensively implementing compliance codes is nevertheless essential in any case. Compliance-Management-Systems, Codes of Conduct, General Data Protection Regulation, Employee Data Protection, Compliance codes, GDPR codes, Compliance