Independent. Dynamic. Involved.

Traxion’s AVG/GDPR Assessment offers you a clear overview of the topics that your organization still has to fine-tune for, under the new legislation. Examples include having insight into the personal data that your organization collects and processes, a procedure for reporting data leaks, appointing a Data Protection Officer (DPO)/Privacy Officer (PO) and creating privacy awareness among management and users.

Our integral GDPR/AVG services are aimed at optimally securing your information and the processing of personal data across the full range of people, processes and technology. Thanks to our many years of experience in the IAM (Identity and Access Management) field, we can easily explain the consequences of the GPDR/AVG. Our experience is that by using our services, control, flexibility and the efficiency of data protection for your organization are increased.


After going through the AVG/GDPR Assessment you will have:

  • an overview of the topics that the GDPR still considers you need to fine-tune.
  • an overview with possible data processing which you can use to set up your processing register
  • concrete recommendations on how the GDPR procedures associated with the various rights that individuals have, such as the right to be forgotten, can be implemented in your organization
  • Of course we do this based on the 10 steps of the Autoriteit Persoonsgegevens (AP, the Dutch Data Protection Authority) in the Netherlands and the 13 steps of the CBPL (Commissie voor de Bescherming van de Persoonlijke Levenssfeer) in Belgium.


The Algemene Verordening Gegevensbescherming (AVG), also known as the General Data Protection Regulation (GDPR), was adopted by the EU on May 24, 2016 and will be actively enforced as from May 25, 2018. After that date, all organizations and bodies must meet the obligations of the GDPR. If the obligations described within the GDPR are not complied with, the Dutch Data Protection Authority can impose huge fines of up to €20 million or, in some cases, 4% of the worldwide annual turnover.

Steps in the process

Using the Traxion AVG/GDPR Assessment we go through the following steps:

  1. Identifying stakeholders such as the Data Protection Officer and IT Manager in your organization.
  2. A technical scan of your network to identify possible data collections for the processing register to be set up.
  3. Check with stakeholders whether the overview of the data collections is complete and whether personal data are actually processed in all scanned databases.
  4. Interview with the stakeholders using the Traxion checklist. This is used to check whether the processes, procedures and technology comply with the GDPR’s obligations.


Our privacy consultants are all certified with internationally recognized IAPP certificates. In addition to their thorough knowledge about privacy and the AVG, they have a security background, which allows them to build a bridge with Security. As a customer you have the assurance that the FG or privacy officer of Traxion takes into account international market standards.

Please contact us for more information.