AI-based solution designed to automate personal data discovery and classification

Data Inventory

Discover personal data across multiple systems in the cloud or on-premise

Privacy Program Automation

Data Processing Inventory (ROPA)

Harbor cooperation between DPO, Legal Services, IT and Marketing

Data Subject Request

Turn data subjects request into an automated workflow with a clear insight into data every step of the way

Assessment Automation

Collaborate with stakeholders and manage DPIA and LIA in real-time with Assessment Automation

Third Party Management

Guide your partners trough vendor management process workflow

Risk Management

Identifying the risk from the point of view of Data Subject

Incident Management

Quickly respond, mitigate damage and maintain compliance

Consent and Preference Management

Data Removal orchestration

Data Removal

Introducing end-to end automation of personal data removal

Services

State-of-Privacy-Assessment (SOPA)

Support

Professional Services

Pricing plans

Talk to sales

Resources

Latest Blog posts

11 Steps to Jumpstart Your Compliance Process

15/11/2023

Saudi Arabia’s Personal Data Protection Law (PDPL)

05/11/2023

How to conduct Legitimate Interests Assessment (LIA) ?

15/10/2023

Learn the terms

Data Privacy

Direct Marketing

Rights (per GDPR)

Cookies

Pseudonymization

GDPR fines

Third country

Cross border processing

General Data Protection Regulation

Here you can find the official content of the Regulation (EU) 2016/679 (General Data Protection Regulation) in the current version. All Articles of the GDPR are linked with suitable recitals.

Latest papers

India’s Digital Personal Data Protection Act DPDP

13/10/2023

Saudi Arabia’s Personal Data Protection Law PDPL

24/08/2023

Legal & Ethical Review & Mastering Informed Consent for Clinical Trial Studies

22/03/2023

Partners

Become a partner

About us

Careers

General Data Protection Regulation (GDPR)

GDPR

>

Chapter 4 >

Art. 24 — Responsibility of the controller

Article 24

Responsibility of the controller

Chapter 4

¹Taking into account the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for the rights and freedoms of natural persons, the controller shall implement appropriate technical and organisational measures to ensure and to be able to demonstrate that processing is performed in accordance with this Regulation. ²Those measures shall be reviewed and updated where necessary.
Where proportionate in relation to processing activities, the measures referred to in paragraph 1 shall include the implementation of appropriate data protection policies by the controller.
Adherence to approved codes of conduct as referred to in Article 40 or approved certification mechanisms as referred to in Article 42 may be used as an element by which to demonstrate compliance with the obligations of the controller.

Suitable recitals

(74) Responsibility and Liability of the Controller, (75) Risks to the Rights and Freedoms of Natural Persons, (76) Risk Assessment, (77) Risk Assessment Guidelines

General Data Protection Regulation (GDPR)

Suitable recitals

(74) Responsibility and Liability of the Controller, (75) Risks to the Rights and Freedoms of Natural Persons, (76) Risk Assessment, (77) Risk Assessment Guidelines