Lawful Bases
For each use of personal data you are required by law to
choose an appropriate lawful basis in order to process correctly. Our systems
enable you to choose simply and easily which basis you deem as the most appropriate
– and then provide evidence of this choice.
Digital Security Gap Analysis
Knowing where to focus your attention is key to your ongoing
data protection responsibilities. Our simple traffic light system enables you
to see at a glance where the key security issues lie thus enabling you to
prioritise which of your systems need immediate attention.
Supplier Management
If your organisation is a data processor or joint data
controller, you will be required to evidence that you have all relevant
contracts in place with your data controller.
If you are a data controller you will need to be able to
evidence that you have documentation in place which informs all of your suppliers
what you expect from them and/or what they have in place from a GDPR perspective.
Our systems enable you to upload the relevant contracts for your ease and convenience.
Reporting
For ease of reporting to senior management or your
supervisory authority we have created 3 reports for your benefit.
- Accountability – Engaging with the GDPR creates
a lot of information – this report distils that information into relevant
summaries of the key information required – it identifies your inbound and
outbound data flows and includes each use of personal data, which data is
included, your purpose for using it, your chosen lawful basis, your retention
period and where you send the data.
- Gap Analysis – being able to see at a glance
where the gaps are in your OFFICE system as a whole is critical to the smooth
ongoing management of your GDPR responsibilities. Our Gap Analysis report
enables you to see which assets need attention, which personnel need assigning
and which personal data fields need attention.
- Personal Data Locator – when a request for
information comes into your organisation, you need to be able to move quickly to
answer the request or question. The Personal Data Locator report will tell you
where each type of personal data that your organisation processes is held or
used. This could be on an asset or in a data flow. You can also choose to only
find data that relates to children should you need to.
Documentation
- Creation
– One of the key responsibilities that your organisation has is to have up to
date relevant policies and procedures. Each of our systems gives you bespoke documentation
which includes a breach management policy and procedure, subject access request
documentation, privacy policy and for CCTV a public notice document. All
documentation is updated automatically as you use the system so you don’t have
to worry about trawling through old paper documents to try and update them
every year!
- Upload – Of course you may have already spent lots
of money on having your own documents written so we give you a place to store
all of your relevant data protection documentation so that you don’t have to
move the water cooler to find the policy you are looking for!
Unlimited Users
There are different people with different levels of access
to personal data within your organisation. Some will need access to your OFFICE
or CCTV GDPR System and others won’t even know it exists! We don’t want you to
be hamstrung by this, so you have the opportunity to add unlimited users to
enable you to demonstrate full transparency and accountability. You can even
add outside suppliers to the system (IT company for example) so that they can
populate the system with the information you pay them to know and then you can
delete them afterwards.
Bespoke Management overview Facility
If your organisation has many different locations or departments
it represents a data protection management nightmare. This system enables your
DPO or organisations lead on data protection to access, view and report at a
granular level on your organisation as a whole whilst being able to drill down
to each site’s specific progress with their data protection responsibilities.
Want to know more? Give us a call or email us on Tel:01865 600 410 | info@GDPRsystems.co.uk