As a service provider in information technology, Adon is expressly committed to the rules of the European Data Protection Basic Regulation and makes every effort to ensure the protection of the personal data of our customers, partners and employees at all times through appropriate technical and organisational measures.


Adon has appointed an independent, external data protection officer who, together with our internal data protection officers, has designed the DSGVO-compliant measures and reviews the existing data protection structures of our company in regular audits.

In detail, the following measures have been/will be implemented:

1. Review of the existing data protection structures
2. Identification of business processes in need of protection
3. Design and implementation of a data protection concept
4. Implementation of the technical and organisational measures
5. Concepts and design of IT security in data protection (Art. 32 DSGVO)
6. Creation or completion of the list of processing activities
7. Creation of data erasure concepts
8. Development of an information security management system (ISMS)
9. Development of an IT security structure
10. Identification of vulnerabilities, threat scenarios and risks
11. Implementation of a continuous improvement process
12. Planning, carrying out and evaluating internal and external audits

The data protection officer of Adon:

Ralf A. Lanz
Ernastraße 10
53881 Euskirchen

Phone: +49 (0) 2255 9218-235
Fax: +49 (0) 2255 9218-223


Personal data are processed within the scope of the planning, execution and follow-up of events by the client (customer). In Evention®, personal data are data of guests (participants) who, depending on the intended use, may be employees, customers, partners, service providers or other natural persons or groups of persons. In this respect, the regulations and legal provisions for the protection of the processing of personal data in accordance with the DSGVO apply in principle.

In general, the client is primarily responsible for compliance with the DSGVO guidelines and must demonstrate compliance with the principles by taking appropriate measures.

Art. 5 of the DSGVO explicitly lists the following six principles for the processing of personal data:

1. Lawfulness, fairness of processing, transparency
2. Purpose limitation (processing for specified, explicit and legitimate purposes only)
3. Data minimisation ("proportionate and significant to the purpose and limited to the extent necessary")
4. Accuracy ("all reasonable steps shall be taken to ensure that [inaccurate] personal data are deleted or rectified without delay")
5. Limitation of storage (data must be "stored in a form which permits identification of data subjects only for as long as is necessary")
6. Integrity and confidentiality ("adequate security of personal data [...], including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage")

As part of the introduction of Evention®, we recommend carrying out a customer-specific data protection audit in which the

1. Legality
2. Purpose limitation
3. Adequacy and
4. Correctness

of the guest data are first checked and on this basis an individual data protection concept is designed and implemented.

Evention® provides a range of tools specially designed to meet the DSGVO requirements for all the technical measures required:

1. High application security through implementation of the OWASP Application Security Verification Standard (ASVS)
2. Complete configurability of the data depth of all content objects and entities to implement concepts for data minimization
3. High operational reliability due to free choice of server location and operating model (cloud or in-house on-premise operation)
4. Hierarchical rights and roles concept via the instances system, client, object and function for securing data integrity
5. Complete logging to identify misentries and vulnerabilities, and to detect hacker attacks


Selected References

Discover Evention®

Get your free test account now