AI-based solution designed to automate personal data discovery and classification

Data Inventory

Discover personal data across multiple systems in the cloud or on-premise

Data Processing Inventory (ROPA)

Harbor cooperation between DPO, Legal Services, IT and Marketing

Data Subject Request

Turn data subjects request into an automated workflow with a clear insight into data every step of the way

Assessment Automation

Collaborate with stakeholders and manage DPIA and LIA in real-time with Assessment Automation

Third Party Management

Guide your partners trough vendor management process workflow

Risk Management

Identifying the risk from the point of view of Data Subject

Incident Management

Quickly respond, mitigate damage and maintain compliance

Consent and Preference Management

Data Removal

Introducing end-to end automation of personal data removal

State-of-Privacy-Assessment (SOPA)

Croatian DPA – AZOP imposed €380,000 GDPR fine on Sports Betting Company

18/05/2023

Croatian DPA AZOP imposed 2.26 million GDPR fine on the debt collection agency

05/05/2023

Learn the terms

European Court of Justice (ECJ)

Offensive Data Strategy

General Data Protection Regulation

Here you can find the official content of the Regulation (EU) 2016/679 (General Data Protection Regulation) in the current version. All Articles of the GDPR are linked with suitable recitals.

Latest papers

Legal & Ethical Review & Mastering Informed Consent for Clinical Trial Studies

22/03/2023

The Value of Data Discovery Solution In Pharmaceutical Industry

22/03/2023

Consent

What is consent?

Article 4(11) defines consent as any freely given, specific, informed, and unambiguous indication of an individual’s wishes regarding the processing of their personal data. Consent is one of the six lawful bases for data processing outlined in Article 6 of the GDPR, and its purpose is to give individuals control over their data.

Characteristics of consent

To be considered valid under the GDPR, consent must have several characteristics, including being given with affirmative action, being distinguishable from other matters, and being specific and granular. Additionally, the individual must be informed of the processing purpose, and there should be no influence or repercussions that can affect the individual’s choice.

It must be given with affirmative action, and processing purpose needs to be thoroughly explained to the individual.

There should be no influence or repercussions that can affect an individual’s choice.
It needs to be distinguishable from other matters
Consent can be given as a written statement, including the electronic form or oral form,
It needs to be given in an easily accessible form and clear and understandable language.
The data subject should be able to withdraw consent as easily as it was given without negative consequences for the data subject.
Consent should be an expression of the data subjects’ real choice.
Consent requires a positive opt-in, which means the methods of default consent are non-compliant.
Make sure it is specific and granular
Giving consent should not be a precondition for the service you provide

Consent should also be an explicit indication of the individual’s wishes, and the data subject should be able to withdraw consent as easily as it was given, without any negative consequences.

It must be given in an easily accessible form and clear and understandable language. It’s essential to note that consent cannot be assumed from silence or inaction, and pre-ticked boxes or implied consent are not considered valid under GDPR. Finally, giving consent should not be a precondition for the service provided.

Access Control

Accountability principle

Accuracy

Anonymization

Article 29 Working Party

Audit trail

Authentication

Behavioral Advertising

Biometric Data

Breach disclosure

California Consumer Privacy Act (CCPA)

California Online Privacy Protection Act (CalOPPA)

CIA Triad

Clinical Trial Regulation (CTR)

Compliance

Consent

Cookie consent

Cookies

Cross border processing

Cybersecurity

Dark Data

Data Breach

Data Controller

Data Governance

Data Graveyard

Data interception

Data Minimization

Data Privacy

Data Processor

Data Protection Authority

Data Protection Officer

Data Quality Management

Data Removal

Data Retention

Data Subject

De-identifiable data

Defensive Data Strategy

Direct Marketing

e-Privacy Directive

Encryption

EU member states

EU-US Privacy Shield

European Commission

European Council

European Court of Justice (ECJ)

European Data Protection Board (EDPB)

European Data Protection Supervisor (EDPS)

Explicit consent

Fairness

GDPR fines

GDPR Principles

General Data Protection Regulation

Genetic data

HIPAA

Incident response

Information Privacy

Invisible processing

Keylogging

Lawfulness

Lead Supervisory Authority (LSA)

Legal Basis for Processing

Machine learning

NDPR/ Nigeria Data Protection Regulation

NIST Privacy Framework

NYOB

Offensive Data Strategy

Opt-in

Opt-out

Payment Service Directive (PSD2)

Personal data

Personal Information Protection Law (PIPL)

Privacy by default

Privacy by design

Privacy risk assessment

Pseudonymization

Records of processing activities

Retention period

Right of access

Right to be forgotten

Right to be informed

Right to data portability

Right to object to processing

Right to rectification

Right to restrict processing

Rights (per GDPR)

Rights in relation to automated decision making and profiling

Risk assessment

Risk management

Sensitive personal data

Soft opt-in

Standard Contractual Clauses

Structured data

Third country

Third party

Transparency principle

Unstructured data

Virtual Private Network (VPN)

Focus on your priorities

Find a plan that's right for you

Latest Blog posts

Learn the terms

General Data Protection Regulation

Latest Papers

Latest Blog posts

Learn the terms

General Data Protection Regulation

Latest Papers

We are looking for resellers

Join us

Focus on your priorities

Find a plan that's right for you

Latest Blog posts

Learn the terms

General Data Protection Regulation

Latest Papers

Latest Blog posts

Learn the terms

General Data Protection Regulation

Latest Papers

We are looking for resellers

Join us

Latest Blog posts

Learn the terms

General Data Protection Regulation

Latest papers