GDPR

schmidtkev, 2020-11-25T13:29:24+01:00

What is the purpose of the EU General Data Protection Regulation?

The General Data Protection Regulation (GDPR) protects the fundamental rights and freedoms of natural persons, in particular their right to the protection of personal data. It protects natural persons against the impairment of their personal rights insofar as their personal data are processed.
The GDPR applies to all natural persons and companies in Europe and to companies outside Europe that are active on the European market. Before the GDPR, national data privacy laws differed widely between the individual countries of the EU. European data privacy directives had been transposed into national law in various ways by the independent and autonomous supervisory authorities of the respective countries. The GDPR brought this inconsistency in European data privacy law to an end.

What are the new requirements?

The GDPR presents companies with new challenges. These include, but are not limited to:

  • More extensive obligations to provide evidence and documentation
  • Additional rights of those affected, such as extended information obligations, the right to be forgotten, and data portability
  • Establishment of a reporting procedure to report data privacy violations to the supervisory authorities within 72 hours
  • Processing activities involving personal data must be documented both on the part of the client and on the part of the contractor
  • Technical and organisational measures must be defined and implemented on the basis of a risk-based procedure

Heavier sanctions

Penalties for data breaches have been increased. Violations may result in fines of up to €20 million or 4% of the total annual worldwide revenue, whichever is the greater. These fines can have serious consequences for companies. In order to avoid these, companies should deal with the requirements of the GDPR in good time and pay particular attention to the documentation and verification obligations as well as the data protection processes.

Data privacy experts

Our data privacy officers advise companies on how to integrate the complex requirements of effective data privacy into their business processes. We support companies in developing processes to process personal data on the basis of current laws and guidelines. Our consultants will work with you to determine your status and assist you in developing the necessary concepts for setting up a data privacy management system that is suitable for your company to implement the requirements of the GDPR.
We can draw on our many years of experience and methods in setting up management systems and, in particular, information security management systems. In the field of data privacy and information security, our experts hold qualifications as certified data protection officers, data privacy auditors TÜV, ISO 27001 auditor, ISO 27001 auditors based on BSI, IT-Grundschutzauditor (BSI), IT-Sicherheitsbeauftragte (BVSW, DIHK), ISO 20000 auditors, ITIL v3, Project Management Professional (PMI) and PRINCE2. Trigonum is also an active member of the data privacy associations BvD e.V. and GDD e.V.

Our Approach

A data privacy management system should be established to ensure efficient implementation of the requirements. We have developed a process model with which companies can implement the requirements in a targeted manner. We check the requirements individually and assess the current situation in your company.

Project initialisation

Defining the framework conditions and resources for the project as well as the project organisation and the project procedure.

GAP Analysis

Inventory and identify deviations from data privacy requirements.

Concept development

Development of tailor-made data privacy processes and concepts for the data privacy management system.

Implementation

Implementation of the defined processes and concepts.

Start of DPMS

Living data privacy: Continuous planning, monitoring and improvement of data privacy in the company.

Related Services

Data Privacy Incident Management

If a data privacy incident occurs at the controller (the responsible party) or at a processor working on its behalf, it may be necessary to notify the competent supervisory authority within 72 hours and, if necessary, to inform the persons concerned. An appropriate procedure for handling data privacy incidents must therefore be implemented, so that the legal requirements for containing the severity of the incident and for providing information can be met promptly.

Data processing register

Answering questions such as “In which processing operations are personal data processed?” or “Who has access to the data processed in a given operation?” is often not easy for those responsible, because there is a lack of transparency. A first step towards transparency is to collect the relevant information on the individual processing operations, such as the legal basis, data transfers, and the technical and organisational measures that ensure data privacy.

TOM Check

Companies that collect, process or use personal data are obliged to take the technical and organisational measures (TOM) necessary to comply with the provisions of the GDPR. Measures from the following areas are to be taken, provided that their expenditure is proportionate to the intended protective purpose.
