Düsseldorf
+49 211 600 55-166 +49 211 600 55-160 p.kempermann@heuking.de
Languages
German,
English,
Dutch
Practice groups/Expertise
Consulting focuses
- Information Technology (IT)
- Antitrust Law
- Compliance
- Data Protection Law
- Internet Law
- IT-Outsourcing Tech-driven transactions
- Telecommunications Law
- Cyber Security
- Automotive
Vita
- Managing Partner
- Admitted to the Bar since 2006
- Education and former activities
- Legal Trainee (Referendar) in Duesseldorf 2004 – 2006
- LL.M. in Legal Informatics (EULISP), University of Hannover and University of Lapland, Rovaniemi/Fi. 2003 – 2004
- Universities of Bayreuth and Mainz 1997 – 2003
Affiliations
- ITechLaw
- Studienvereinigung Kartellrecht e.V.
- Deutsche Gesellschaft für Recht und Informatik e.V. (DGRI e.V.)
- International Technology Law Association (ITechLaw)
- International Bar Association (IBA)
Dr. Philip Kempermann's Distinctions
Legal 500 Deutschland 2026
Chambers Germany 2026
JUVE Ranking Wirtschaftskanzleien 2025/2026
Lexology Index: Germany – Data 2026
Legal 500 Deutschland 2025
Best Lawyers 2026
Handelsblatt: Deutschlands Beste Anwälte 2025
Handelsblatt: Deutschlands Beste Anwälte 2025
Lexology Index 2025
JUVE Handbuch Wirtschaftskanzleien 2024/2025
Leaders League 2024
Handelsblatt: Deutschlands Beste Anwälte 2024
Best Lawyers 2025
Legal 500 EMEA 2024
Legal 500 Germany 2024
WWL Germany 2024
JUVE Handbuch Wirtschaftskanzleien 2023/2024
Lexology Client Choice Awards 2024
Best Lawyers 2024
Handelsblatt: Deutschlands Beste Anwälte 2023
Who´s Who Legal Thought Leaders 2023
Leaders League 2023
Legal 500 Germany 2023
Latest news
Publications
2026
Auswirkungen der Rechtswidrigkeit einer anfänglichen Verarbeitung personenbezogener Daten auf die Weiterverarbeitung durch einen anderen Verantwortlichen
Update Data Protection Nr. 228, January 9, 2026,
together with
Antje Münch, LL.M.
CJEU denies hosting safe harbour for GDPR infringements: “Russmedia” increases obligations for platform operators
Update Data Protection No. 227, January 9, 2026
2025
Learning on the Job wird schwieriger
Interview, NJW/beck-aktuell, Heute im Recht, October 8, 2025
Compensation for insecure invoice delivery – The Higher Regional Court of Schleswig-Holstein sets high standards for data security
Update Data Protection No. 201, March 5, 2025
EDPB Guidelines on Pseudonymisation: A Guide to Handling Personal Data in a Privacy-Compliant Manner
Update Data Protection No. 199, February 19, 2025
Compensation for unsafe data transfers
Update Data Protection No. 198, January 28, 2025
2024
News from the Federal Court of Justice on damages in the case of scraping – a lose/lose situation for companies and consumers?
Update Data Protection No. 195, December 6, 2024,
together with
Georg Thomas, LL.M. (University of Glasgow)
LDI NRW confirms: Telecommunications secrecy does not apply to employers who allow the private use of email and telecommunications services
Update Data Protection No. 182, July 7, 2024,
together with
Julian Rosenfeld
BGH rules on the scope of the right to a copy
Update Data Protection No. 179, May 21, 2024,
together with
Julian Rosenfeld
Cybersecurity 2024 - Germany
Chambers Global Practice Guide – Cybersecurity 2024,
together with
Dr. Thomas Jansen
New OLG judgment: Is private email use subject to telecommunications secrecy?
Update Data Protection No. 172, March 6, 2024
Changes to the BDSG and TTDSG - What is changing and what companies need to pay particular attention to
Update Data Protection No. 171, February 28, 2024
ECJ clarifies further questions on compensation for damages and health data
Update Data Protection No. 165, January 3, 2024
EuGH stärkt die Stellung des Datenschutzbeauftragten
WPg 2024, p. 115,
together with
Georg Thomas, LL.M. (University of Glasgow)
2023
EuGH urteilt zur Haftung und Schadensersatz bei Cyberangriffen
Update Data Protection No. 163, December 18, 2023,
together with
Julian Rosenfeld
ECJ rules on Schufa scoring – current practices not GDPR-compliant
Update Data Protection No. 161, December 12, 2023,
together with
Julian Rosenfeld
ECJ on Deutsche Wohnen SE case: GDPR association sanction requires culpability – but not the action of a management body
Update Data Protection No. 159 & Update Compliance 9/2023, December 5, 2023,
together with
Dr. André-M. Szesny, LL.M.
Der EuGH und Meta-Anwendung und Reichweite von datenschutzrechtlichen Bestimmungen in der Prüfung von nationalen Wettbewerbsbehörden
Der Betrieb, Issue 38, September 18, 2023, pp. 2227-2231,
together with
Georg Thomas, LL.M. (University of Glasgow)
Meta suffers defeat before the ECJ – National competition authority can find an infringement of the GDPR
Update Data Protection No. 150, July 14, 2023
Drahtseilakt zwischen verschiedenen Rechtsgebieten
In-house Counsel, issue 4/2023, pages 24-26
Der Europäische Gerichtshof konkretisiert den Umfang des Auskunftsrechts
Update Data Protection No. 147, June 29, 2023,
together with
Julian Rosenfeld
New draft regulation for consent management services (PIMS) pursuant to section 26 TTDSG
Update Data Protection No. 144, June 14, 2023,
together with
Michael Kuska, LL.M., LL.M.
Data Protection & Privacy 2023 - Germany
Chambers Global Practice Guide – Data Protection & Privacy 2023 ,
together with
Dr. Thomas Jansen
Cybersecurity 2023 - Germany
Chambers Global Practice Guide – Cybersecurity 2023,
together with
Dr. Thomas Jansen
ECJ strengthens Position of Data Protection Officers
Update Data Protection No. 134, February 27, 2023
CJEU puts its foot down on the Right of access – Controllers must name specific recipients
Update Data Protection No. 133, February 23, 2023,
together with
Julian Rosenfeld
What is a copy? – The Advocate General explains the interpretation of Art. 15 (3) GDPR
Update Data Protection No. 129, January 3, 2023,
together with
Julian Rosenfeld
2022
New EU-/U.S. Data Protection Agreement on the home straight
Update Data Protection No. 126
Transatlantisches Datenabkommen – kommt der Privacy Shield 2.0?
Digital Markets Act – Wesentliche Inhalte und Bedeutung
Update Datenschutz No. 119,
together with
Michael Kuska, LL.M., LL.M.
Datenschutzrechtliche Sorgfaltspflichten nach Vertragsende
Update Datenschutz No. 117
Mal wieder: Unverschlüsselter Emailversand möglich?
Update Datenschutz No. 115
ECJ Affirms the Legal Standing of Consumer Associations for the Prosecution of Data Protection Violations
Update Data Protection No. 111,
together with
Julian Rosenfeld
Cybersecurity 2022 - Germany
Chambers & Partners Cybersecurity Guide 2022,
together with
Dr. Thomas Jansen
External liability of the managing director for company’s data protection infringements?
Update Data Protection No. 110 | Update Compliance 7/2022
Data Protection & Privacy 2022 - Germany
Chambers & Partners Data Protection & Privacy Guide 2022,
together with
Dr. Thomas Jansen
2021
Data Protection Update: New EDPB Recommendations on International Data Transfers
Update Data Protection No. 100
Cybersecurity 2021 - Germany
Chambers & Partners Cybersecurity Guide 2021
Data Protection & Privacy 2021 - Germany
Chambers & Partners Data Protection & Privacy Guide 2021
German Supervisory Authorities to Monitor the Implementation of the "Schrems II" Judgment
Update Data Protection No. 91
2020
Brexit and the need for a UK Representative
Update Data Protection No. 88
Europäische Kommission veröffentlicht aktualisierte Standardvertragsklauseln
Update Data Protection No. 87
EcJ throws out privacy shield agreement but confirms standard contractual clauses
Update Datenschutz, No. 82
Verschlüsselungspflicht bei E-Mail-Kommunikation
Update Datenschutz, No. 79
Die Corona-Warn-App im Arbeitsverhältnis
Update Datenschutz, No. 78
Email service are not telecommunications services
Update Data Protection, No. 75
Legal implications of the coronavirus at a glance
Special newsletter coronavirus,
together with
Dr. Sebastian Jungemeyer
, Christoph Prochnau, LL.B.
, Dr. Christian Appelbaum ✝
, Dr. Verena Hoene, LL.M. (University of Washington)
, Dr. Stefan Jöster, LL.M.
, Michael Below
Steuerberater sind keine Auftragsverarbeiter
Newsletter Update Datenschutz, No. 72
2019
Germany: Privacy
GDR Insight Handbook 2020
Meldung zu Datenschutzverstössen nur mit Zustimmung des Betriebsrats?
Newsletter Update Datenschutz, No. 70 ,
together with
Astrid Luedtke
Statement by the Berlin Data Protection Authority regarding obtaining consent for the use of Google Analytics and similar services
Newsletter Update Data Protection, No 69,
together with
Michael Kuska, LL.M., LL.M.
Property Company Hit with Millions in Fines - The Deutsche Wohnen Case
Newsletter Update Data Protection, No 68,
together with
Dr. Thomas Jansen
New Model for Calculating Fines for GDPR Infringements
CJEU Judgment on the Facebook Like Button - A New Chapter of Joint Controllership
Newsletter Update Data Protection, No 63,
together with
Michael Kuska, LL.M., LL.M.
Risk for international data transfers
Newsletter Update Data Protection, No 61
Reichweite des Anspruchs auf eine Kopie personenbezogener Daten
Newsletter Update Data Protection, No 58
2018
Neue Datenschutz-Regeln: Betriebe müssen sich vorbereiten
Deutsche Handwerks Zeitung, Recht + Steuern, February 15, 2018
2016
Offenes WLAN – viele offene Fragen
Bilanz, September 21, 2016
Spiel mit Grenzen
Markt und Mittelstand, May 6, 2016
Kein Vorteil für Mittelständler
Markt und Mittelstand, May 6, 2016
Privacy Shield kommt: Was das für Mittelständler bedeutet
Markt und Mittelstand, March 17, 2016
Lectures
2020
Koorperationsmodelle im Lichte des Datenschutzes
7. Deutscher IT-Rechtstag, 13. bis 14. August in Berlin
2018
Digital Legal Counsel
Zertifikatslehrgang für Unternehmensjuristen, June 2018, Bonn, September 2018, Frankfurt, November 2018, Munich
Collaboration and Data Exchange
IFCLA Conference, Paris, June 7, 2018
2016
Datenschutz-Grundverordnung – Bleibt alles anders?!
Juristenjahrestagung Bundesverband öffentlicher Banken, September 1, 2016
Ermittlungen im Wirtschaftsunternehmen – Ursachen für und Umgang mit dem Ernstfall
Inhouse-Training at an internationa company, Neuss, February 11, 2016