AI-based solution designed to automate personal data discovery and classification

Data Inventory

Discover personal data across multiple systems in the cloud or on-premise

Data Processing Inventory (ROPA)

Harbor cooperation between DPO, Legal Services, IT and Marketing

Data Subject Request

Turn data subjects request into an automated workflow with a clear insight into data every step of the way

Assessment Automation

Collaborate with stakeholders and manage DPIA and LIA in real-time with Assessment Automation

Third Party Management

Guide your partners trough vendor management process workflow

Risk Management

Identifying the risk from the point of view of Data Subject

Incident Management

Quickly respond, mitigate damage and maintain compliance

Consent and Preference Management

Data Removal

Introducing end-to end automation of personal data removal

State-of-Privacy-Assessment (SOPA)

Unstructured Data: What it is and How to Discover it

14/09/2023

Learn the terms

Right to data portability

General Data Protection Regulation

Here you can find the official content of the Regulation (EU) 2016/679 (General Data Protection Regulation) in the current version. All Articles of the GDPR are linked with suitable recitals.

Latest papers

Saudi Arabia’s Personal Data Protection Law PDPL

24/08/2023

Legal & Ethical Review & Mastering Informed Consent for Clinical Trial Studies

22/03/2023

The Value of Data Discovery Solution In Pharmaceutical Industry

22/03/2023

Principles of Data Processing

¹Any processing of personal data should be lawful and fair. ²It should be transparent to natural persons that personal data concerning them are collected, used, consulted or otherwise processed and to what extent the personal data are or will be processed. ³The principle of transparency requires that any information and communication relating to the processing of those personal data be easily accessible and easy to understand, and that clear and plain language be used. ⁴That principle concerns, in particular, information to the data subjects on the identity of the controller and the purposes of the processing and further information to ensure fair and transparent processing in respect of the natural persons concerned and their right to obtain confirmation and communication of personal data concerning them which are being processed. ⁵Natural persons should be made aware of risks, rules, safeguards and rights in relation to the processing of personal data and how to exercise their rights in relation to such processing. ⁶In particular, the specific purposes for which personal data are processed should be explicit and legitimate and determined at the time of the collection of the personal data. ⁷The personal data should be adequate, relevant and limited to what is necessary for the purposes for which they are processed. ⁸This requires, in particular, ensuring that the period for which the personal data are stored is limited to a strict minimum. ⁹Personal data should be processed only if the purpose of the processing could not reasonably be fulfilled by other means. ¹⁰In order to ensure that the personal data are not kept longer than necessary, time limits should be established by the controller for erasure or for a periodic review. ¹¹Every reasonable step should be taken to ensure that personal data which are inaccurate are rectified or deleted. ¹²Personal data should be processed in a manner that ensures appropriate security and confidentiality of the personal data, including for preventing unauthorised access to or use of personal data and the equipment used for the processing.

Latest Blog posts