GDPR Compliance

Our GDPR Platform enables DPOs, Legal and Compliance teams to centrally track and manage the full range of technical and legal functions required to achieve, maintain and demonstrate GDPR compliance.

Why

Many organisations around the world are unable to overcome technical, managerial, financial and/or logistical hurdles required to achieve and maintain GDPR compliance.

The consequences for non-compliance are high and violations can result in fines of up to 4% of global turnover or €20 million (whichever is greater). Achieving compliance but failing to properly demonstrate it can result in fines of up to 2% of global turnover or €10 million.

Organisations struggle to know where to start on their journey to achieve and demonstrate compliance.

How

Our GDPR Platform streamlines and automates the entire GDPR compliance process. It identifies each obligation for which the organisation must demonstrate compliance and guides teams through it, giving them the information resources they need to understand and meet its requirements. Task delegation, team member dashboards, notifications and management reports enable effective project management and executive oversight.

Compliance team members across all business functions can work in concert and perform their work in a secure SaaS environment – removing the limits and inefficiencies of spreadsheets, email and document repositories.

Features and Benefits

Data Processing Assessments: Assess and demonstrate compliance with the GDPR requirements for lawfulness principles, lawful basis, purpose limitations, minimisation, special data categories, etc. (GDPR Articles 5-10, 22 & 30)

Privacy Notices: Publish proper privacy notices for all data collection points which reflect the outcome of each Data Processing Assessment (GDPR Articles 13 & 14)

Security Assessments: Assess each system to track and manage the use of required technical and organisational measures and document compliance with GDPR Article 32

Third Parties: Assess proper contractual compliance with third party data joint controllers, controllers, processors and sub-processors

Third Country Transfers: Ensure safeguards are in place for all third country personal data transfers between and among the organisation’s systems (GDPR Articles 46-49)

Data Subject Requests: Manage, track and document responses to data subject requests within the 30-day time limit (GDPR Articles 12 & 15-20)

Privacy by Design: Conduct threshold and, if applicable, full Data Privacy Impact Assessments (DPIAs) in accordance with required regulatory guidelines (GDPR Articles 35 & 36)

Breach Management: Track, manage and document the procedures needed to comply with GDPR breach obligations (GDPR Articles 33 & 34)