GDPR - Trigonum - Management Systems for Information Security and Data Protection Based on Microsoft 365

General Data Protection Regulation (GDPR)

Legally Compliant – Efficient – Secure
We help you implement the requirements of the GDPR in your company and establish sustainable data protection practices.

Since 2018, the General Data Protection Regulation (GDPR) has been in force across Europe as a binding data protection regulation. It protects the fundamental rights and freedoms of natural persons, particularly their right to the protection of personal data.
The GDPR applies to all natural persons and companies in Europe, as well as to companies outside Europe that are active in the European market.

The GDPR presents challenges to companies and brings with it a variety of requirements, including:

  • More extensive proof and documentation obligations
  • Extensive rights for data subjects, such as extended information obligations, the right to access, correction, and deletion, the right to be forgotten, and data portability
  • Establishing a notification procedure to report data protection breaches to supervisory authorities within 72 hours
  • Processing activities involving personal data must be documented by both the controller and the processor
  • Technical and organizational measures (TOMs) must be defined and implemented based on a risk-based approach

The importance of implementing these requirements is particularly evident in view of the penalties for violations. With the implementation of the GDPR, sanctions for data protection violations have increased. Violations can now result in fines of up to 20 million euros or 4% of the total worldwide annual turnover of a corporate group, whichever is higher. These fines can have serious consequences for companies. To avoid such penalties, companies should engage deeply with the GDPR requirements, with particular focus on documentation, evidence obligations, and data protection processes.

Our experienced data protection officers provide advice on all matters of data protection and information security, helping you integrate the complex requirements of effective data protection into your business processes. We also assist you in developing processes to handle personal data in compliance with current laws and regulations. Our consultants will work with you to conduct a status assessment and help develop the necessary concepts for building a data protection management system tailored to your company. In doing so, we draw on our many years of experience and methods in building integrated management systems.

Our Services

  • Personal consultation and support with GDPR-related questions
  • Identification of requirements and highlighting areas for action
  • Support in establishing a data protection organization that meets GDPR requirements
  • Support in building GDPR-compliant processes
  • Assistance with fulfilling documentation and evidence obligations
  • Support in meeting accountability requirements to supervisory authorities
  • Consultation and support in building a data protection management system tailored to your company
  • Provision of templates and frameworks

What We Offer

Personal Consultation on an Equal Footing

Together with you, we develop practical, tailored solutions for your company through open and personal exchanges on an equal footing. Our goal is to consider your wishes, ideas, and requirements in the individual solutions.

Tailored Solutions

Since each company faces different requirements and challenges, we work with you to develop tailored solutions. You and your individual needs are at the center of our approach. Our GDPR-compliant solutions are customer-oriented, consider the varying circumstances, and adhere to high-quality standards. With our many years of practical experience, we are able to adjust to your company’s unique needs and work with you to implement tailored solutions.

Increased Security Through Certified and Experienced Consultants

For your security and compliance, our consultants have earned a wide variety of certifications from organizations such as TÜV Rheinland, TÜV Nord, DEKRA, the Data Protection Certification Company mbH (DSZ), and the Federal Office for Information Security (BSI). They are available to you as certified data protection officers, data protection auditors (DSZ), ISO 27001 lead auditors, ISO 27001 audit team leaders of the BSI, IT baseline protection auditors (BSI), ISO 20000 auditors, and IT security officers to enhance security in your company.

Years of Experience

Our consultants have extensive practical, leadership, and project experience in the fields of data protection, information security, organizational development, and business processes across various corporate areas and industries in SMEs and large corporations. Within our team, we combine decades of knowledge and experience in implementing data protection requirements, as well as in the establishment, operation, and further development of data protection management systems. The wide range of our proven methods, procedures, and solutions enables a holistic approach to addressing challenges and helps to avoid mistakes.

Comprehensive Expertise

Our experienced and highly qualified data protection and information security team possesses interdisciplinary competencies in the areas of data protection, information security, law, and IT. The team, consisting of legal experts, IT professionals, economists, certified data protection officers, ISO 20000 auditors, IT security officers, as well as ISO 27001 auditors and ISO 27001 lead auditors, supports you in complying with legal requirements as an external data protection officer.
Through continuous training, education, and ongoing knowledge exchange in the fields of data protection and IT and information security, our consultants maintain a high level of expertise and stay up to date.

Participation in Data Protection Committees

Our data protection consultants are involved in various committees, including serving as spokespersons for the Northern Regional Group in the Professional Association of Data Protection Officers of Germany (BvD) e.V. and as members of the Society for Data Protection and Data Security e.V. (GDD). Additionally, Trigonum contributes to the development of project management methods and standards in international committees of the Project Management Institute.

Location Hamburg – Active Nationwide and Internationally

Trigonum GmbH – based in Hamburg, active nationwide and internationally. Depending on your needs and preferences, we advise our clients both on-site and remotely.

GDPR – What Are the Benefits?

  • You are optimally prepared for authority inquiries and the requirements of the GDPR
  • You benefit from up-to-date expertise. Through regular training, we stay current and continue to learn for you!
  • You gain from a proven practical approach and a wide range of solution components and templates
  • Flexibility through personal consultation on-site or remotely

Our Approach to Implementing GDPR Requirements in the Company

To implement the requirements of the GDPR efficiently, a data protection management system should be introduced. We have developed a process model that allows companies to implement the requirements in a targeted manner. We assess the prerequisites individually and determine the current state in your company.