Protective shield of your company
We are KVINNE GmbH, the efficient protective shield for your data.
For medium-sized companies facing new security laws and preferring vendor-neutral advice. We adapt to your needs and won’t push complex software on you.
Depending on how much support you need from us, we’ve developed various packages you can choose from individually.
We currently support around 50 clients in data protection and information security. Many industries are represented, from tax advisors and municipalities to public authorities and medium-sized businesses.
Managing Director Carina Thomas has been implementing information projects across Germany since 2016 and founded the company. We are currently a team of 3 employees.
As external data protection officers and information security officers, we at KVINNE GmbH Data Protection & Digital Consulting ensure security in your company. This allows you to fully concentrate on your core business.
Your company, your municipality, your employees, and your project are always at the center of our work.
The consultants at KVINNE GmbH work with you to develop solutions, identify optimization potential, and achieve goals in a legally compliant and efficient manner.
We provide your company with long-term and sustainable competitive, market, and marketing advantages while reducing liability risks. We look forward to your challenges!
KVINNE GmbH Data Protection & Digital Consulting is a member of the German Association for Data Protection and Data Security (GDD) e.V.
Your Benefits
High Quality
Through certifications in business administration, network technology, and data protection, we always find the optimal path for our clients.
No travel costs within the Dresden area.
Es entstehen Ihnen keine Reisekosten für persönliche Termine in Dresden.
Flexible appointment scheduling.
Due to the local proximity, your consultant is directly available to you if needed.
Since 2012, data security has been our focal point. Through years of experience in nationwide operations across various industries, a scalable implementation standard for medium-sized companies has been developed.
We collaborate with the IT specialists of the Dresden-based IT company ditpro.
Together and in partnership, we advise regional medium-sized companies on IT security, the planning and implementation of measures for the EU General Data Protection Regulation, as well as the implementation of technical and organizational measures (TOMs).
Download Company brochure
Why protect data?
There are various reasons to protect data within a company. On one hand, it's to gain the trust of employees, customers, and partners in handling their personal data. On the other hand, it's to comply with legal requirements at the German and EU levels. A particular focus is also placed on confidential data/information, which ensures the smooth operation of the company.
The goals of data protection and information security in a company are:
- Building trust with stakeholders
- Enhancing image
- Protection against fines
- Protection against the leakage of trade secrets
- Compliance with legal requirements such as:
The EU GDPR, the BDSG (new), ISO 27001:2015, the GeschGehG and the TKG.
KVINNE GmbH advises you and, upon your request, implements the project.
- Which data is confidential?
- Are the data subjects informed about the collection?
- Where is this data stored?
- Who has access to the data?
- How quickly can they be restored?
These questions are fundamental components of data protection and information security.
What is data protection / information security?
The EU GDPR is a European regulation aimed at strengthening the informational self-determination of individuals with respect to their data. Companies processing personal data in the EU face hefty fines for violating the transparency, co-determination, and protection requirements of the data.
Information security ensures the confidentiality, integrity, and availability of business information. It is implemented to protect against dangers or threats, to prevent economic damage, and to minimize risks.
In data protection and information security, there are legal, organizational, and technical requirements.
Legal measures
Legal measures are direct requirements from applicable laws, such as:
- The creation of privacy statements for data subjects
- The conclusion of agreements with data processors (DPAs)
- The signing of confidentiality agreements
- The obtaining of consents
- The creation of directories and plans
Organizational measures
Organizational measures specify certain behaviors for employees to implement legal requirements, for example:
- The definition of a guideline
- The instructions for handling IT systems
- The password polic
- The process for handling a data breach
- The conduct of training sessions
Technical measures
Technical measures ensure the protection of data in the systems, within the building, and on the premises. For example:
- Perimeter protection
- Video surveillance
- Various encryption mechanisms
- The firewall settings
- The logging of user activities
- The creation of redundancies
What do we do?
The employees of KVINNE GmbH work together with you to develop the initial and subsequent milestones for implementing the EU GDPR or an ISMS according to ISO 27001:2015.
We will begin with a basic check.
In this, we gain an understanding of your company’s structure, business purpose, and the processing of your distributed data.
From this foundation, the further course of action is derived.
Data protection and information security are a process.
We are happy to return and will adjust your processes when requirements change, when your company expands, or when compliance details need to be refined.
You can find more information here:
Through regular exchange of experience in committees and professional associations, we are always up to date. Our partners include experienced lawyers, an established IT systems provider, and industry specialists.
Benefit from our experience!
English 
German