Which companies could be affected by the Iran sanctions?

Up to 18,370 companies could be affected by a renewed deterioration in political relations between the West and Iran.

Karte mit Firmen, die Bezüge zum Iran haben
Companies with Iran connections in Germany are located in large cities and export-oriented regions.

Since 8 May 2018, it has become clear that the political conflict between the USA and Iran could also endanger German companies’ trade relations with Iran. A current analysis of data on the larger 600,000 companies in Germany shows that up to 18,370 companies have publicly named economic ties to Iran. The spectrum ranges from suppliers with sales offices, buyers of Iranian products to forwarders who can transport goods to Iran.

Medium-sized companies could be disproportionately affected by economic sanctions. With 2,039 hits and 14.14 percent in the sample, their share of potentially endangered companies is about twice as high as in the population analysed. But large companies have also established economic relations with Iran, with 579 large companies in Germany using this methodology.

Ansicht von Branchen, die von Sanktionen betroffen werden
Export-oriented wholesale and transport are particularly affected.

In addition to certain sectors, specific regions could also be particularly affected. The nationwide distribution of Iran-related companies suggests that urban centres in particular could be severely affected by a negative development in relations with Iran. Accordingly, the density of relevant companies is highest in the large cities of Berlin, Hamburg and Munich as well as the Ruhr area. The regions outside the big cities are also interesting. Nuremberg, Bielefeld and Hanover stand out here. Moreover, the financial stronghold Frankfurt seems unexpectedly to be the location for more potential affected companies than Stuttgart, a focus region of export-oriented automobile manufacturers and machine builders.

Would you like to find out for yourself which companies from your region or industry could possibly suffer from an escalation of this international conflict? With Companies and Markets you can easily research which of these companies have a reference to Iran on the website or in the company name. Do you have any questions about the analysis? The easiest way to contact us is at hello@implisense.com

 

GDPR at the last minute?

Based on a current data collection from our company index on April 30, 2018, only 10,775 companies from Germany have modified their data protection declaration in response to the new General Data Protection Regulation (GDPR). The evaluation indicates that micro-enterprises in particular are struggling to implement the more extensive requirements. Companies with business models in which data and data exchange play a critical role take advantage of the opportunity to proactively adapt their data protection.


About Implisense: The Berlin-based start-up Implisense is one of Germany’s leading providers in the field of B2B lead generation. Our text mining procedures analyze online content for all companies listed in the commercial register and located in Germany. The data obtained are assigned to the companies as structured characteristics and thus enable to identify, evaluate and observe potential business partners, customers or competitors from a new perspective.


Develop data protection declaration in the team

The General Data Protection Regulation is approaching and putting pressure on many companies. Serious penalties linked to company turnover are imminent. At the same time, the new requirements, for example in the areas of documentation, data security and transparency, should not be underestimated. It is not uncommon for managing directors, authorised signatories or data protection officers to sit in front of never-ending checklists, create biblically-sized documentations, and finally make a revised data protection declaration of often far more than 10 pages available.

After all, the fair use of personal data by the private sector is an issue that society and legislation must constantly keep up with in times of drastically developing information technologies.

Analysis of companies with a GDPR updated privacy policy

Against this background, Implisense has investigated how many companies are highly likely to have already addressed this issue and updated their data protection agreements. For this purpose, we have calculated the distribution of relevant signal words – such as the direct reference to the now applicable European Directive, synonyms (e.g. GDPR, General Data Protection Regulation and the German term DSGVO), and typical formulations – on company websites. The occurrence of the indications was then faceted with a view to other company characteristics, such as industry affiliation and size, in order to identify the associated characteristics.

Only one of 50 companies has adapted the data protection declaration

Even if the possible additional costs of implementing the new regulation are taken into account, the result is surprisingly clear. Our analysis suggests that only 10,775 companies have references to an adapted data protection declaration. This is all the more remarkable with a total of approximately 593,337 active companies registered in the commercial register and with sufficient data. This corresponds to approx. 1.8% or 1 of 50 companies.

A potential aspect can already be anticipated when looking at the distribution of these companies over the size of the company. Smaller companies in particular are struggling with the new requirements. For example, we estimate that micro-enterprises account for around 69% of the total. For companies with GDPR references, this shrinks to 61%. Large enterprises, on the other hand, are almost twice as often represented as in the total volume at 3%. The following graph compares the size distribution of companies in the population (left) with the estimated distribution of companies with updated data protection declaration (right).

Graph GDPR adapted data protection declaration according to company size and distribution of all companies according to size
Overall distribution by company size (left) and GDPR update by company size (right)

The potential link between company size and data protection update suggests that certain industries and business models could also be more strongly associated with it. The graph below shows industries that are disproportionately frequently represented in the hits (top 20 in order; WZ 2008) and their absolute number of hits.

Graphic GDPR Data protection declaration distribution by industry
Number of companies with GDPR updated privacy policy by industry.

The IT sector, for example, is most over-represented (J62). With 2,732 hits, these also account for the bulk of companies with an updated data protection declaration. Other sectors with data- and communication-intensive business models dominate the list, e.g. IT service providers (J63), the retail sector (G46, G47), lawyers (M69), financial service providers (K64) and consulting firms (M70). So if companies have updated their data protection, it is probably only because an extreme amount of data is generated on the basis of their business model. Slightly unexpectedly, the crafts (F43), electrical engineering (C26) and metal production (C25), as well as the education sector (P85) are to be found in it.

Exemplary hits on companies with updated data protection declaration from a greatly simplified analysis can be viewed directly on our platform Companies and Markets:

Sample hits GDPR in trade

Sample hits GDPR in electrical engineering

Sample hits GDPR in education

Sample hits GDPR in metal production

The lists of example companies for example quickly show that companies from the education sector often offer training measures in the field of DGPR and are therefore assigned to this topic.

For further exploration of these sub-segments, we invite you to test Implisense Pro free of charge. The filter and search criteria used for the analysis, such as segmentation by size, as well as the entire hit lists can be viewed and further narrowed down using additional criteria, e.g. region. Test the functionality here.

Conclusion

Our small analysis to identify companies that have already dealt with the GDPR is based on probabilistic methods and is therefore not necessarily representative. It covers companies that are only highly likely to have already done their homework on the General Data Protection Regulation.

It can also be further refined. As the example of training providers in the field of GDPR shows, e.g. by excluding certain sectors from the analysis. Finally, it does not necessarily state that existing data protection policies at companies that were not in the hit list are not already professionally designed and may only need to be formally adapted. In our opinion, the effects of these restrictions cannot call into question the basic findings of the evaluation.

Only a fraction of companies in Germany are finally prepared for the General Data Protection Regulation a few weeks before the implementation deadline expires. There is evidence that micro-enterprises in particular find it more difficult to ensure implementation. If so, then companies with particularly data-intensive and communication-intensive business models tend to implement the new data protection regulations. The question is, what business models in the age of digitization can still afford not to work with data to an appropriate extent?


What is your company’s position regarding the implementation of the GDPR? How many of your competitors already have visible indications of the implementation of the new amendment on your website? Our freely-searchable platform Companies and Markets is available here to help you assess these further questions.