EU General Data Protection Regulation

The EU General Data Protection Regulation (EU GDPR) will bring major changes to companies across Europe. This regulation, which came into effect on 25 May 2018, gives EU citizens easier access to and more control over their personal data.


EU GDPR means a substantial change in how companies worldwide handle personal data from identifiable EU citizens. All companies that own or process data of EU citizens, offer goods or services to consumers in the EU, or save the data of EU citizens are affected.


The data protection regulation is designed to protect natural persons (i.e. not legal entities) during the steps of data processing. Personal data is defined here as a data record that shows certain informational content about an individual person and can be assigned to the affected party. 


 Key changes in EU GDPR:


  • Right to data transfer
    The affected party has the right to receive his or her personal data in a machine-readable format in order to transfer it to another service.

  • Right to be forgotten
    The individual has the right for his or her personal data to be deleted under certain requirements within a given period of time.

  • Burden of proof
    The data processor is required to not only conduct data processing tasks in compliance with data privacy regulation but also provide proof thereof if necessary.

  • Restricted usage
    Aside from very few exceptions, personal data may only be used for the purpose for which it was collected.


Our on-demand webinars keep you informed on how you can benefit from our solutions for risk management, ISMS and GRC. Learn from the hands-on experience of our clients and experts. Our current library includes:


Data Protection with risk2value

View the webinar


The "Three Lines of Defense" - a matter of corporate culture

View the webinar

Implementing EU GDPR

Before the new EU data protection regulation comes into effect on 25 May 2018, companies will need to identify and implement the necessary changes. More frequent and extensive audits are to be expected in the future. Failure to comply can result in severe penalties of up to 20 million euros or 4 % of total annual revenues. Companies, therefore, are strongly advised to address this topic in a structured manner and take appropriate actions.


To provide fast support, avedos has designed a data protection management solution to support the implementation of data privacy policies that comply with the new EU regulation. Along with its large network of partners, avedos also provides vast expertise in all issues related to EU General Data Protection Regulation. 

About avedos

avedos GRC GmbH is a European software vendor that has specialized in developing integrated solutions for Governance, Risk und Compliance (GRC). avedos software solutions serve as a link between business operations and top management to enable risk-conscious, value-driven decisions in today’s complex business world. The software platform risk2value supports a wide range of GRC disciplines including enterprise risk management, internal control systems, compliance management, audit management and information security management. Its clients include the world’s largest and most successful automobile manufacturers, insurance companies, telecommunications providers and retailers. 





Questions? Simply complete our online contact form, give us a call, or send us an email.
We look forward to hearing from you!

Romana Hanig



Romana Hanig
Sales Executive

+43 1 3670876-136

Marcus Noetzel



Marcus Noetzel
Head of Sales

+49 170 5564007