The General Data Protection Regulation (GDPR) places a series of responsibilities on your organisation. The GDPR determines how you need to protect the personal data of, for example, your customers, employees and partners in order to be compliant.
Provide the foundation for data protection in your organisation
In order to protect personal data, you need to have an overview of processing activities, including why and how you process data. The overview of processing activities is the foundation for:
- Assessing whether the processing of personal data is allowed (Art. 5, Art. 6).
- Assessing and managing privacy risk (Art. 35).
- Managing suppliers for which you hold responsibility (Art. 28, Art. 32).
- Acting on data-subject requests (Art. 15–24).
- Responding to personal data breaches (Art. 33, Art. 34).
Privacy Nexus provides a clear overview of the data your organisation is storing and processing, which can be easily searched and filtered. The Data-Inventory Module makes it easy. The Third-party Management Module allows you to manage your suppliers and Data-Processing Agreements. The DPIA module assists you in Data-Protection Impact Assessments.
Adopt a risk-based approach towards data-protection efforts
With a risk-based approach, you can allocate efforts according to privacy risks, making sure that you achieve compliance in the most effective way. With Privacy Nexus, you can adopt such a risk-based approach by:
- Creating valuable insight into risks.
- Identifying unusual situations so you can take immediate action.
- Monitoring privacy-compliance progress.
The Privacy Nexus dashboard provides you with a clear overview of the compliance status of your data inventory, DPIAs and Third-party Management. Collecting underlying information in your organisation is made really easy.
Achieving and demonstrating GDPR compliance
Your organisation needs to demonstrate compliance (“accountability”) under the GDPR. With Privacy Nexus, you monitor your privacy compliance and demonstrate that your organisation is meeting requirements and maintaining its compliance.
Privacy Nexus helps you comply with GDPR requirements in many different ways.
The following overview shows the relationships between specific GDPR articles and Privacy Nexus:
| Privacy Nexus support | GDPR articles |
|---|---|
| Appropriate introduction of specific GDPR requirements, so you can determine whether they apply to your organisation and gain insight into risk. | Art. 7-10, 26, 28 and 44-49 |
| Demonstration of compliance. | Art. 24 |
| Maintenance of a record of processing activities. | Art. 30 |
| Relating organisational and technical measures to data-subject risks. | Art. 32 |
| Checking whether your suppliers process data exclusively according to your instructions. | Art. 29 |
| Performing Data Protection Impact Assessments. | Art. 35 |
| Greatly reducing the risk of getting fined. | Art. 83, 84 |
| Greatly reducing the risk of paying compensation to data subjects. | Art. 82 |
| Helping the Data Protection Officer to perform his/her tasks. | Art. 39 |
| Preparing for certification. | Art. 42 |
Read more about GDPR
Interested in more detailed hands-on information about the GDPR? Please check out our pocket guide European privacy regulation.