Consulting and Legal Advice

Fields of Law

Contract Law

  • Reviewing of Contracts - Employment Law, IT-Law, Trade-Law
  • Drafting of Contracts
  • Amendments of Contracts
  • Out-of-court Solutions
  • Mediation
  • Negotiation
  • Other Areas of Law

  • Insurance Law
  • Compliance
  • Cloud and Law
  • Law of Banks and Insurance Companies
  • IT-Security (ISO 27001/BSI/NEST/COBIT) and Law
  • BAFIN Audits and Requirements
  • BAFIN VAIT/BAIT and Requirements
  • Trade Law

  • End-User License Agreement "EULA"
  • Drafting and reviewing relevant contracts
  • Advice on drafting clauses
  • Int. Trade Law
  • Online-trade and E-Commerce
  • Softwarselling and Warranty
  • Advice and Consulting


    Internet and Law

  • Initial Advice on all questions about IT-Law
  • Advice in case of Warning Letters
  • Imprint Drafting and Data Protection Notice
  • Use of Cookies
  • Use of Cloud-Services
  • IT Outsourcing-Contracts
  • Software Sale and Contracts
  • Outsourcing and TOMs
  • Azure, Google, Amazon - Cloud and Law.
  • E-Commerce und Onlinetrade

  • The Online-Shop
  • Domain and Law
  • Copyright - Software and pictures
  • Drafting of Term of Conditions
  • Right of Withdrawal - Drafting
  • Internet-Auktion and Law
  • Software - Warranty and Guarantee
  • Software und Hardware

  • Software and Contract Law
  • Reviewing
  • Drafting Software and Hardware Sales-Contracts
  • Drafting of NDAs
  • Drafting of SLAs
  • Use of Opensource Software
  • Drafting and reviewing Terms of use
  • Negotiations
  • Advice and Consulting

    Data Protections

    For the Data Protections officers and CISOs

  • Interim DPO role
  • Advices for the DPOs
  • Register of processing
  • GDPR Audits
  • Education of DPOs
  • Reviewing of privacy notices
  • Privat Impact Assements
  • DP and Internet
  • Seminars in DP for internal staff
  • Data protection (DP) GDPR and ISO in companies

  • GDPR Consulting
  • Reviewing Corporate Website
  • Outsourcing of IT-Services SAAS
  • Data processing contracts
  • Standard Contractual Clauses
  • Data lost prevention- DLP
  • Data Processing Agreement
  • Drafting of consents based on GDPR
  • Negotiations with Authorities
  • TOMs based on ISO 2700X
  • Use of Cookies
  • Data Protection for Private Individuals

  • Initial consultation on data protection violations
  • Drafting of data privacy
  • Rights to be informed
  • Data Protection and Internet
  • Court trials
  • Terms of use
  • Advice and Consulting

    Employment Law

    Employment Law for Employees

  • Drafting the employment contract
  • Initial consultation upon termination
  • Representation in employment court proceedings
  • Dismissal Protection Suits
  • Compensation Advice
  • Reviewing of job reference
  • Court Trials
  • Employee inventions and law
  • Employment Law for CEOs and General Managers

  • Drafting Management Contracts
  • Bonus and additional agreements
  • Advice in the case of termination
  • Initial consultation on every topic related for the CEO
  • Severance Negotiations
  • Performance Evaluation
  • Reviewing of Job References
  • Employment Law for Employers

  • Advice before Termination and dismissal
  • Drafting of Employment Contracts
  • Severance Negotiations
  • Out of court negotiations
  • Drafting of letter of termination
  • Contract for work and employment law
  • Temporary workers and external use
  • Advice on customs controls
  • Representation in court
  • Additional agreements - confidentiality and prohibition of competition
  • Data Protection and Employment law
  • consulting

    DOW-, NASDAQ-, S&P 500-, FTSE-, CAC40- and DAX-companies

    Consulting and Legal Advice

    Regulation, Compliance und Data Protection

    Interim Business Services

  • Implementation of projects in-house
  • Project management
  • Support of IT
  • Support of the legal department
  • Support of Controlling, Sales, Finance and Purchasing-department
  • Cushioning of peak loads
  • Advice in the Field of Software-Sales
  • Outsourcing of IT Servcies and Contract Reviewing
  • Cloud, authorities and IT Security
  • Content-production in the Field of IT-Law
  • Banks, insurance companies and financial service providers

  • Support of DPO, CISO or CTO, Legal, IT, IT-Security.
  • Contract law and negotiations with internal and external services companies
  • Implementation of legal requirements in-house
  • BaFin requirements, recommendations and orientation aids, e.g. cloud
  • Banks: German laws like MaRisk, WpHG, Basel X
  • Insurance companies German laws like VAG, VAIT, MAGO, EBA-Recommendations
  • Outsourcing of IT services
  • SaaS and use of Google, MS Azure and Amazon Cloud
  • Support with the introduction of an ISMS, data protection management or GRC tool
  • Design of compliance and rules
  • Support with certification according to ISO 27001
  • Implementation of measures according to NIST, COBIT, BSI, ISO
  • Data protection impact assessment and penetration testing
  • Risk analysis, implementation of TOMs
  • GAP analysis and internal implementation of measures
  • Support with risk analysis for internet-based applications - Cyber Security & Risk
  • Data Protection in companies interim

  • Support of DPOs/DSBs, CISOs, CIO or CTOs
  • Process optimization
  • TOMs based on GDD, ISO, Cobit, NIST, ISF
  • Examination and completion of the list of processing activities
  • IT applications and GDPR compliance
  • Data protection and Employment law
  • Drafting terms of use
  • Data private impact assements
  • Terms of use for Apps and websites
  • Amendments in the area of Art. 28 GDPR
  • Outsourcing-contracts
  • Data Protection management systems like One Trust, Compliance Web, Data Guard, Prime and others
  • Data Leeks and Preventions - information of authorities
  • Data Subjects Rights
  • Communication with DP authorities
  • IT- und Cyber Security

    Cyber Security

  • Supporting of CISO, ISO, CTO
  • Gap-analyzing and vulnerability testing
  • Identification of cyber risks
  • Cyber Risk Assessments
  • Support with internal security checks
  • Support of GRC-Tools or ISMS.
  • Audit based on ISO 2700X and implementations
  • Support in preparing for certification according to ISO standards (27001) and TISAX.
  • Cyber Security of vehicles (cars / trucks)

  • UN R155 and UN R156 transformation
  • Cyber Security-Managementsystems (CSMS),
  • Securing vehicles "by design"
  • Data protection in vehicles
  • Data protection in control units
  • Implementation of ISO 21434
  • Implementation of Security Services
  • Cyber Security Strategies
  • Implementation and certification of a Cyber Security Management System (UN ECE R155) ISO 2700X and NIST
  • Big Data and AI Solutions

  • Big Data & Prediction of Cyberrisks
  • Impact Testing and Risk Mitigation Actions
  • IT- and Security Risk Management
  • AI based Cyber Risk Management Systems
  • Implementation of ISMS e.g. RSA
  • Cyber Security Vulnerability
  • Cyber Resilience & ensure business continuity
  • IOT, Robotic & Security
  • US Law

    US Copyright - Employment Law - Data Protection

    US-Copyright Software, Movies and Art

  • Open Source Software and law
  • Source-codes and Software-law
  • License agreements
  • Warning letters
  • Out of court negotiations
  • Term of use
  • US-Employment Law

  • Reviewing of US Employment contracts
  • Advice on drafting employment contracts
  • Additional Agreements
  • Nondisclosure Agreements -- NDAs
  • Participation Agreements
  • Other Contractual Conditions Like - VISA, etc.
  • Competition Clauses and Protection of invention
  • IT- and Data Protection law

  • GDPR for US Companies
  • Outsourcing Contracts
  • Contract Drafting
  • NDAs
  • SLA - Service Level Agreements
  • NIST and BAFIN Requirements
  • call or write us

  • Fast opinions
  • Always cost controlled
  • We act always together
  • We act fast
  • We are confidential
  • We are one your side
  • Our Services


    More than 10 years with advice the biggest German in the field of IT law, data protection, copyright Law, employment law and contract law.


    Teamwork is our basemenet. The success of our clients our goal.

    Analysis and Strategies

    We solve cases fast and with the best solution for our clients.

    Legal consulting

    We represent clients in Germany everywhere.


    Inhouse projects.


    In the field of IT Law we create analysis for our clients to find better solutions.

    Do not hestitate to contact us!

    Take look at our

    Field of consultation

    Specialised in the following fields:
    IT Law
    Data Protections
    Cyber Security

    Rombach Rechtsanwälte

    The future of law and technology

    As lawyers,

    we specialize in contract law, IT law, employment law, data protection, US employment law, US copyright law and software law. As a further country focus, we are specialists in German-US legal cases, especially in the area of employment law.

    IT security and law for financial service companies

    Another specialty is the implementation of legal requirements in the area of ​​IT security and cyber / internet security on the basis of various standards such as BSI, COBIT, ISO 27001 or, for the USA, NIST. We support IT in the implementation of selected technical and organizational measures to minimize weak points and risks.

    Think and act

    Proactive, hands on, not writing 100 e-mails back and forth, calling. Talking helps. Don't complain and insist on your rights, but be better than the courts. Solve cases, matters and internal goals and projects professionally by reaching an agreement, by convincing and acting neutrally and without emotion. Know what you want and where you want to go. Work focused, concentrated and result-oriented. Negotiate, understand the other side, professionally present and convince positions and points of view in a fact-oriented manner. Find common ground and achieve the best possible solution together. This is how we think and work.


    One is not one, two are one. We always work in a team. As a team, we achieve more and find better solutions. We work together on complex cases and find solutions that are best for our clients.


    We advise private individuals, entrepreneurs and companies in the field of IT law, internet law, data protection, software law, employment law and contract law. Our strength lies in the correct assessment of the situation, a pragmatic approach and the successful achievement of goals.


    We are consultants first, then lawyers. We are IT-savvy, IT security and law, vehicles and technology, cybersecurity and autonomous driving, have a high technical understanding. We try to be ahead of our time and help companies to implement current and future legal or self-defined requirements.

    Technology and law of tomorrow

    Technically complex issues from the field of new technologies, Industry 4.0, IOT or robotics as well as hardware and software combined with legal challenges are among our preferred cases. The future is what motivates us. Due to our many years of experience and our network, we can not only offer our customers and clients first-class advice, but above all a mindset that does not see "problems" everywhere, but not only appreciates opportunities and challenges, but wants them , and above all tries to always be one step ahead, not just on paper.

    Our work

    As consultants, we now represent and advise private individuals, entrepreneurs, companies, colleagues, banks, insurance companies and German authorities on matters in the selected areas mentioned.


    We all speak fluent English and German and other languages, conduct negotiations, conduct meetings with MS Teams or WebEx. We are used to working mobile and flexible and have an open, customer-oriented way of working.

    Our articles

    in progress


    If you have any questions, send us a email

    Comsulting and advice

    +49 711 217 29 29 00

    Get in touch

    Leitzstr. 45
    Stuttgart, ZIP code 70469

    Business consulting
    - competent, qualified, ahead -

    For companies