Dr. Viktoria Schmittmann, LL.M.

  • Lawyer
  • Specialist lawyer for IT law
  • Certified Information Privacy Professional/Europe (CIPP/E)
  • Data Protection Auditor (TÜV)

Personal assistant:

Ms Scholz
0201 - 842 94 - 67






Law studies at the University of Passau
Legal clerkship at the Regional Court of Regensburg, legal clerk at a Big Four auditing firm in Düsseldorf
2016 – 2022
Lawyer with two international law firms in Düsseldorf in the technology, media and telecommunications and energy sectors
Master of Laws (LL.M.) in Information Law at the University of Oldenburg
Studies in Business Informatics (Master of Science, M.Sc.) at the University of Duisburg-Essen with a focus on digital transformation, cyber security and compliance
Certified Information Privacy Professional/Europe (CIPP/E), International Association of Privacy Professionals (IAPP), USA
Specialist lawyer for information technology law
Doctorate at the Technical University of Dresden in data protection law
Data Protection Auditor (TÜV)


  • Association for Informatics (GI), Section Business Informatics
  • German Association for Law and Informatics (DGRI)
  • International Association of Privacy Professionals (IAPP), USA
  • Friends of the Deutsche Oper am Rhein Düsseldorf


  • Data protection law / compliance
  • IT law
  • Telecommunications law
  • Energy law


  • Lecturer for data protection law and cloud services as part of the certification as Data Privacy Professional Microsoft 365 (DPPM) in the Executive Education programme at the BSP Business & Law School Berlin
  • Lecturer for IT and media law and compliance at the FOM University of Applied Sciences


  • Commentary on §§ 55, 56, 57, 58 and §§ 63, 64 of the Smart Metering Act (MsbG) and an appendix "Digital Transformation in the Energy Sector" to § 54 MsbG, in: Säcker/Zwanziger (eds.), Berliner Kommentar zum Energierecht, Volume 6, Smart Metering Act, 5th revised and expanded edition, Frankfurt am Main 2022.
  • Immaterial damages under Art. 82 GDPR: Claim assignable, but damage hardly substantiable?, in: Datenschutz-Berater 2022, pp. 25-27
  • Interdisciplinarity of business informatics and law - an agile evergreen approach to the legally compliant design of integrated and process-oriented information systems, in: Taeger, Im Fokus der Rechtsentwicklung - Die Digitalisierung der Welt, DSRITB 2021, p. 627 et seq.
  • Right to a copy pursuant to Art. 15 of the GDPR regarding the tax office's submission report, in: Betriebs-Berater 2021, pp. 2917-2918
  • Possibility to inspect exam papers does not replace a free copy under Art. 15(3) GDPR, in: Datenschutz-Berater 2021, pp. 274-276
  • Member States' room for manoeuvre according to Art. 6 (2), (3) and Art. 23 GDPR using the example of the data subject's right to information - suum cuique or singularia non sunt extendenda?, in: Taeger, Den Wandel begleiten - IT-rechtliche Herausforderungen der Digitalisierung, DSRITB 2020, p. 319 et seq.
  • Regulation of data communication in smart energy networks; telecommunications and data protection implications of the smart meter rollout, in: Taeger (ed.), Die Macht der Daten und der Algorithmen - Regulierung von IT, IoT und AI, DSRITB 2019, p. 731 et seq.