Data protection

Why did it have to be me? Because I just threw the delivery note from my last order into the waste paper bin, organized criminals could easily place orders using my customer number and my address - and I paid for everything.

It's the first and last time that happens to me! From now on, all documents which I no longer need but which have my personal details on them will go straight into an HSM document shredder.

Why did it have to be me? I threw my client's tax documents into the bin, a reporter of all people fished them out and made it public. I am now seriously worried about my good reputation.

It's the first and last time that happens to me! From now on, all documents from a client which I no longer need will go straight into an HSM document shredder.

Why did it have to be me ? I threw important development plans into the paper bin without thinking and now my company is being blackmailed. I either pay the money or the competition gets the plans.

It's the first and last time that happens to me ! From now on, all hard copies which are no longer needed will go straight into an HSM document shredder.

Responsibility for organising data protection lies with companies.

From 25 May 2018, the European General Data Protection Regulation replaces all previous data protection laws and applies throughout the EU.


It is important that you know the following information:

From 25 May 2018, the EU-GDPR will regulate and harmonise the processing of personal data within the European Union (EU).

What are personal data?


All individual information about people’s personal or material circumstances. For example, name, age, marital status, telephone number, e-mail address, vehicle registration number, medical records and evaluations such as testimonials.

What does that mean for you?

Complete documentation and information obligation:

If personal data are collected, the person responsible must provide and ensure complete documentation regarding the purpose, duration, storage and deletion of the data.

  • Chapter 3, Article 13, Paragraph 1 GDPR, Duty of information and right to information.
    When personal data are collected, the controller must provide and ensure complete documentation about their purpose, period, storage and erasure.
  • Chapter 3, Article 17, Paragraph 1 and 2 GDPR, Right to be forgotten.
    The controller is obliged to immediately and completely delete the data collected on request. They must ensure that all links to these personal data or any copies are irrevocably destroyed. For exceptions, see paragraph 3, e.g. for fulfilment of a legal obligation, such as order processing.
  • Chapter 4, Article 32, Paragraph 2 GDPR, Security of processing.
    • Technical and organizational measures to adequately protect individuals. Personal data may only be processed on the instructions of a controller and a confidentiality agreement to this effect must be reached.
    • A regular process for reviewing the measures taken for data security. A regular process for the monitoring of the data protection measures taken.
    • EU-wide obligation for organisations to employ a data protection officer

      See Chapter 4 for the award of shredding contracts to external service providers.

Stricter imposition of fines:

The sanction framework has been substantially tightened. Infringements of the provisions shall be subject to fines of up to 20 million euros or up to 4% of the worldwide annual turnover for the preceding financial year.

  • Chapter 4, Article 33, Paragraph 1 GDPR, Reports of breaches of protection.
    In the event of a breach of the protection of personal data, the person responsible shall immediately report the incident to the relevant supervisory authority pursuant to Chapter 6, Article 51.
  • Chapter 8, Article 83, Paragraph 4 and 5 GDPR, Imposing fines.
    The sanction framework has been substantially tightened. Infringements of the provisions shall be subject to fines of up to 20 million euros or up to 4% of the worldwide annual turnover for the preceding financial year.

Be safe rather than sorry...

and destroy personal documents at their source. At the workplace itself.



HSM provides the right solution for all security needs. We will help you choose the right shredder

Would you like to learn more about the subject of data protection and protection classes? Then click here .


To find the right shredder