AI-based solution designed to automate personal data discovery and classification

Data Inventory

Discover personal data across multiple systems in the cloud or on-premise

Privacy Program Automation

Data Processing Inventory (ROPA)

Harbor cooperation between DPO, Legal Services, IT and Marketing

Data Subject Request

Turn data subjects request into an automated workflow with a clear insight into data every step of the way

Assessment Automation

Collaborate with stakeholders and manage DPIA and LIA in real-time with Assessment Automation

Third Party Management

Guide your partners trough vendor management process workflow

Risk Management

Identifying the risk from the point of view of Data Subject

Incident Management

Quickly respond, mitigate damage and maintain compliance

Consent and Preference Management

Data Removal orchestration

Data Removal

Introducing end-to end automation of personal data removal

Services

State-of-Privacy-Assessment (SOPA)

Support

Professional Services

Pricing plans

Talk to sales

Resources

Latest Blog posts

11 Steps to Jumpstart Your Compliance Process

15/11/2023

How to conduct Legitimate Interests Assessment (LIA) ?

15/10/2023

Data Discovery and GDPR-first step towards compliance

Data Discovery: Advancing your privacy program

08/10/2023

Learn the terms

Data Graveyard

Access Control

Opt-in

California Consumer Privacy Act (CCPA)

Lead Supervisory Authority (LSA)

Data Processor

Data Removal

Opt-out

General Data Protection Regulation

Here you can find the official content of the Regulation (EU) 2016/679 (General Data Protection Regulation) in the current version. All Articles of the GDPR are linked with suitable recitals.

Latest papers

India’s Digital Personal Data Protection Act DPDP

13/10/2023

Saudi Arabia’s Personal Data Protection Law PDPL

24/08/2023

Legal & Ethical Review & Mastering Informed Consent for Clinical Trial Studies

22/03/2023

Partners

Become a partner

About us

Careers

General Data Protection Regulation (GDPR)

GDPR

>

Chapter 1 >

Art. 3 — Territorial scope

Article 3

Territorial scope

Chapter 1

This Regulation applies to the processing of personal data in the context of the activities of an establishment of a controller or a processor in the Union, regardless of whether the processing takes place in the Union or not.
This Regulation applies to the processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union, where the processing activities are related to:
1. the offering of goods or services, irrespective of whether a payment of the data subject is required, to such data subjects in the Union; or
2. the monitoring of their behaviour as far as their behaviour takes place within the Union.
This Regulation applies to the processing of personal data by a controller not established in the Union, but in a place where Member State law applies by virtue of public international law.

Suitable recitals

(22) Processing by an Establishment, (23) Applicable to Controllers/Processors Not Established in the Union if Data Subjects Within the Union are Targeted, (24) Applicable to Controllers/Processors Not Established in the Union if Data Subjects Within the Union are Profiled, (25) Applicable to Controllers Due to International Law