Since 2008, b.r.m. EcoStep certified since 2008. In February 2022, the last re-certification according to EcoStep 5.1 took place. The IT service company from Bremen is continuously optimizing its organizational structure and internal processes.

With EcoStep 4.0 and EcoStep 5.0, b.r.m. has implemented all the core elements of the following standards in its operational processes in a practical and compact manner since 2008:

• ISO 9001:2015 Quality management
• ISO 14001:2015 Environmental management
• ISO 45001:2018 Occupational health and safety

With these certifications, b.r.m. has succeeded in implementing a practical management system for IT services in a lean and cost-effective manner.

Further information:

• RKW Bremen
• EcoStep Online
• Senate Press Office

b.r.m. is certified according to EcoStep 5.1

The new European General Data Protection Regulation (GDPR) was not on the radar of many companies and internet users for too long. The first draft dates back to 2012, the new paragraphs were adopted in April 2016 and the GDPR will now come into force on May 25, 2018. A lot of time has passed since then. The aim of the regulation is to create a uniform basis for data protection across Europe. It is intended to effectively prevent the undermining of standards by individual member states.

A new feature for users of online services is their 'right to be forgotten'. They will be able to obtain information about personal data and can request the deletion of data if storage is overdue, unnecessary or unlawful. Furthermore, all data must be 'portable' from now on: On request, the customer of a service can ask for their data to be handed over in a structured form so that they can pass it on to another provider. In general, two principles apply to all data processing operations on the Internet and in companies: privacy by design and privacy by default: The protection of privacy must already be taken into account when setting up a data processing operation and the default settings must be set up to protect privacy.

Anyone who cooperates with an external service provider for data processing can already rest assured at b.r.m. that we do not violate the new regulation when processing data on our behalf, and that the aforementioned privacy principles are adhered to. We have long since implemented the creation of a 'record of processing activities', which is required by the GDPR. Furthermore, all processing activities are fully documented. We are therefore your competent partner for all questions relating to the GDPR, if only because Harald Rossol, our Managing Director, is also a recognized data protection officer. Advice and support in all matters relating to the new European General Data Protection Regulation (GDPR) are therefore in the best hands with us - from technical and organizational measures (TOM) to security analysis and the register of processing activities through to risk assessment.

Incidentally, anyone who processes personal data online is affected by the GDPR, from small bloggers to global giants such as Facebook. All characteristics such as name, gender, skin color, political views, but also car license plates or clothing sizes are considered 'personal'. As soon as data is collected, stored, modified, read or transmitted, this is considered 'processing'. In future, anyone operating a website must inform every visitor about what data they collect and store and for what purpose. Only the judiciary and law enforcement are exempt from this. Compliance with the GDPR will be monitored by the data protection authorities. The main establishment of an operator or company is decisive for jurisdiction.

Initially, little will change for operators of small websites because the GDPR is similar in many respects to the previously applicable data protection laws. In most cases, it will be sufficient to adapt the data protection declarations and general terms and conditions (GTC). Above all, online privacy policies should be 'generally understandable' in future, which of course opens up a wide scope for interpretation. Another new feature is 'self-disclosure under data protection law': every company must provide a citizen with information within one month about what information about them is stored there, for what purpose and for how long.
However, the boundary between 'private' and 'commercial' is becoming clearer. If I post pictures of my garden at home, this remains uncritical. However, if I sell garden furniture shown there, for example, then the website will fall under the GDPR in future. This also applies to 'affiliate offers', i.e. where the operator of a website links to another provider. Private operators should better eliminate such plug-ins, whether under WordPress or Firefox, until there is legal clarity.

In any case, it is essential to adapt the privacy policy and the terms and conditions on every website, otherwise you are just opening the door to 'warning lawyers'. There is a wealth of legally compliant text templates available online.

The threat of financial penalties for violations caused a lot of alarm. While the maximum fine was previously 300,000 euros, it can now be up to 20 million euros, depending on the severity of the infringement (Art. 83). An extra rule, which is primarily aimed at the tech giants, also makes a fine of up to four percent of global turnover possible, and ultimately also access to private assets.

However, the first consequence of the GDPR is likely to be ongoing legal uncertainty. What, for example, are a company's 'legitimate interests'? The regulation contains an abundance of such vague formulations, which will only be clarified by court decisions, presumably after years before the European Court of Justice. National data protection law also had to be adapted to the GDPR by means of a new Federal Data Protection Act. On the other hand, there is no longer an escape route from this regulation, for example overseas. The regulation applies to anyone who wants to collect or analyze data within the EU - so it also applies to Google or Facebook.

If you have any questions about the new GDPR and IT service in Bremen, simply contact us ...

The German government is funding the Bremen-based cooperation network 'ARtisan' to make the regional skilled trades sector more future-proof. The two capital letters 'AR' in the name stand for 'augmented reality'.

At first glance, this term may seem a little unwieldy for laypeople, but it is actually just a name for something familiar. We humans have been using 'augmented reality' tools for a long time: for example, glasses, echo sounders, carbon isotopes to determine age, or microscopes. They all bring us closer to a reality that we would not be able to grasp without technical aids.

Today, 'AR' refers narrowly to the field of digital technology, sometimes also referred to as 'virtual reality' (VR). It is clear that craft businesses and small and medium-sized enterprises (SMEs) in particular are facing a profound change: Qualification, project planning, service, material requirements, accounting, costing, error analysis - all of this, and much more, will no longer have a future without digital support. AR is the next big step in digital development after green IT.

ARtisan' connects craft businesses and SMEs with technology providers, IT service experts and research institutions in order to make this change future-proof. Among other things, with our IT service at b.r.m. The full name of the project is: 'Development of work process-integrated augmented reality solutions to increase efficiency and safety in the skilled trades'.

The new cooperation network is based at the Chamber of Crafts (HWK) in Bremen, more precisely at its wholly-owned subsidiary 'Handwerkprojekt GmbH' (HWP). It is managed by engineers from the VDI, as part of the 'Central Innovation Program for SMEs' (ZIM) in Germany. This is known to be one of the most successful funding programs for medium-sized companies in Germany. The funding period for ARtisan projects is currently set at three years. This allows craft businesses and SMEs to test new AR technologies with virtually no risk.

With the help of 'augmented reality', for example with the aid of 3D glasses, planned buildings, for example, can be inspected before the first sod is turned. Flat presentation graphics suddenly become three-dimensional, revealing weak points right from the start. Database-supported plausibility checks point out errors in the calculation or potential savings. These and many other solutions, which have yet to be discovered, can be implemented to give you a head start on the market and in practice.

We at b.r.m. have expanded our IT service accordingly, far beyond the traditional IT service. We currently have four contact partners who will support you in the planning and implementation of your AR projects:

Harald Rossol
Marius Ammermann
Tarek Huith
Markus Rossol

Write to us or simply give us a call if you have an idea that you could possibly solve with the help of augmented reality. Together with our research partners in the network, we will then guide you to your goal.