.png){kind=small}
All inclusive records of processing and impact assessment
One place to collaboratively manage privacy documentation
Privacy1's RoPA and DPIA solution gives you all the capabilities you need to not only map your personal data use, but also to assess your business processes for risk, all from within the same solution with no additional license costs or expensive consulting.
Process Orientated
Map and model the personal data and evaluate the processing risk by stepping through each of your processes.
Flexible, Integrated DPIA and RoPA
With your data inventory and impact assessment in a single place, it's easy to build , collaborate and maintain your GDPR records.
Modern software for smaller budgets
Built from experience of operating GDPR, our solution includes everything you need, is simple and easy and is offered at a price suitable for smaller businesses. There are no restrictions on number of users, number of processes modelled or risk assessments undertaken.
Records of Processing | RoPA
Move away from manually maintaining spreadsheets to a solution and map all your personal data use in our easy to use modelling tool. Working through each of your business processes the system will guide you to define your data types, processing purposes, retention times, data sharing, data processors and legal basis leading you to the next step of process screening and risk assessment.
Connected by your processes
Everything is connected by business processes in a structured data model. No more disconnected RoPA and DPIA records with difficult to maintain connections
Compliant Data Model
We maintain the GDPR compliant data model, keeping up with privacy changes so you don't have to.
Manage in one place
Role based permission model controls who can see and do what providing a central secure place for your records
Reporting and graphing
Reporting and graphing are inherently built into the process. Whether it is sending a report to your DPA or leveraging on data insights articulating risks for your stakeholders internally, we've got you covered.
Pre DPIA Process Screening
Screen your business processes and identify those that need a full DPIA assessment, saving you the work of performing a full DPIA on every process. Linked directly via your processes to the data mapping, it guides you through the considerations and records your decisions and justifications.
Record your decisions
As you assess each process the system will keep a record of your considerations, justifications and decisions.
Less effort, more accountability
Reduce risk assessment effort and gain more demonstrable accountability by being able to show all your considerations against your processes
Easy to use checklist
Use our preconfigured process screening checklist, based on ICO guidelines, to guide you through screening considerations
Data Processing Impact Assessment (DPIA)
Linked directly to your data mapping and process screening. DPIA enables a full GDPR compliant Impact Assessment to be performed. Identify different type of risk associated with current or future processing, detail remedial actions and generate risk scoring in current state and document residual risk scoring after planned actions / controls have been implemented
Identify risks
Use DPIA to guide you through identifying risk types, likelihood, severity and impacts for each risk against your screened processes.
Plan remedies and mitigation
Once identified you can set mitigation measures against each risk and record the before and after scoring once implemented
End to end record keeping
Connected to your screening and data inventory, your DPIA assessed processes are part of a seamless end to end record from data to processes to risk assessment and mitigation measures.
Privacy your way
"Privacy your way" is a design ethos of our software. It ensures that you can setup and run our software without lots of consultancy, you can configure it to match how your business runs and we strive to provide all the elements you need to manage privacy well on smaller budgets.
You can centrally configure all the modelling elements that you want to use such as custom labels, data subject categories and legal basis so you can set it up with your business language. There are also multiple starting points, so if, for example, you want to start with DPIA you can.
Fully configurable
Create and use all your own privacy model including risk types, data classifications, data subject categories, legal basis etc to match how you do business
Custom labels
Create and apply labels to help you manage, find, sort and customise your record keeping. You can add them to mark to do items, identify operational areas, in fact whatever you like. You can then use the to sort and search and keep organised.
Focus "privacy time" on compliance, not making tools
As a small business, you are unlikely to have a dedicated DPO or privacy manager. As such, time to focus on privacy is at a premium and the risks associated with the area are high. So the last thing that you want to be doing is having to develop, build, maintain and update your own tools, especially if you also have to perform all the research to be able to build them
We develop the solution so you can focus on privacy
We have developed our solutions from privacy professionals experienced in large and small companies. We build in not only what the regulations require, but also all the practical features you need to make your job easier and more efficient. We are constantly updating in line with best practices, new regulator guidance and regulation changes, so you don't have to worry about maintenance.
Designed for small companies and smaller budgets Privacy1 is offered in the cloud so you can access it from anywhere, any time. Privacy1 therefore gives you the ability to stop being a developer, take advantage of the built in privacy knowledge and focus your valuable time on mitigating risks and improving your privacy maturity.
We provide full product and GDPR support
As our solution is SaaS based, all the product support is included in the annual price. In addition, we have experienced GDPR and legal skills that you can take advantage of if you need help writing a privacy policy, getting budget buy in from the board, or want advice on how to manage third party data transfers outside the EU. See our consultants here