GDPR Management
👜

GDPR Management

One key challenge in today's strict privacy regulations like GDPR is to properly document all processing activities with the relevant data subjects, nature of data processed, legal basis of processing, your role in the processing, where the data comes from, where the data is located, who it will be sent to, and what you will do for data retention and disposal.

Dedicated document types

We created several dedicated document types that come with their own templates and behaviours, allowing you to do a full GDPR management as required by the regulation.


Data processing activity

This document type is at the basis of your documentation, and will allow you to directly link/create your assets (e.g. suppliers, systems, data, ...) while at the same time asking you for all relevant processing activity properties (document properties) during its creation.



Visualize dependencies 

Using our linked documents and dependency tracker graph visualisation, you quickly can see all relations of a specific processing activity

Inventory of GDPR data

Using our Inventory overview module, you can quickly list all relevant GDPR data you documented in your workspace in a grouped way

And per document type with an overview on all document properties. Here an example on the data processing activities


Global dependencies

Using our collections module you can get an overview of multiple processing activities and their dependencies



Managing suppliers

A key challenge in GDPR or any privacy management system, is the management of suppliers. Using Brainframe we help you structure all contracts, data processing agreements and validation checklists in a dedicated supplier folder. We also have a dedicated document type called "Supplier or subcontractor" which represents the 3rd party you work with and comes with a vendor review template.

On each of these suppliers you can then track the risk they represent as part of our risk module


Data protection impact assessment (DPIA)

When you identify special categories of data, or processing activities that are likely to put the rights and freedoms of the data subject at risk, you are required to create a data protection impact assessment. We have a dedicated document type for this that comes with a ready to use template different