menu
Enhance your organization’s data protection with a solution designed to streamline and fortify GDPR compliance processes, ensuring you remain consistently aligned with regulatory standards.
Replace self-built spreadsheets with our GDPR solution, a comprehensive tool guiding you through legally mandated data processing questions. With access to related templates and an extensive information hub, everything you need is centralized in one secure, user-friendly platform.
For more details and a better understanding, you can book a free, no-obligation demo with us at any time – for this and any other solution.
A register of processing activities to manage all GDPR-related documentation and follow-ups in an easy-to-navigate system that simplifies data protection tasks.
Joint effort within the organization through role-based access control in the GDPR tool.
No extensive technical installation required – our user-friendly tool is designed for a quick and efficient setup, supporting organizations of all sizes.
Access to a complete collection of ready-to-use templates covering all key GDPR requirements, ensuring consistent and thorough compliance.
Our tool provides a customized reporting function from the register of processing activities. Generate clear and detailed reports to transparently communicate GDPR compliance progress to management and stakeholders.
Built to the highest standards with daily backups, our system ensures complete protection of sensitive data. Our management system is certified by ISO 27001.
“ The software gives us a structured way of working, and a partner who makes sure we are doing things correctly and by law. ” Jane Bergman, OnePartnerGroup
The EU considers that the personal data of its citizens should be protected as far as possible, even outside the borders of the Union. Therefore, the law covers all processing of EU citizens' personal data, regardless of whether the company or organization carrying out the processing is located within the EU or not. An e-commerce in China aiming for EU citizen customers is thus covered by the GDPR in the same way as a company in Sweden.
The person responsible for personal data, the data controller, is obliged to report any personal data breach to the supervisory authority, in Sweden Integritetsskyddsmyndigheten (IMY), within 72 hours. The exception to this obligation is if it is unlikely that the data breach entails a risk to the rights and freedoms of the data subjects. The decision not to report must be documented, in case of an inspection.
One of the fundamental rights of data subjects is the right to have their data deleted, or in other words, to be "forgotten". If a data subject makes a request of its’ personal data to be deleted, the main rule is that you must delete them. However, there are some exceptions when the data is not to be deleted. The exceptions often apply if the person responsible for personal data is an authority or performs a task of general interest. You can, among other things, refuse the data subject deletion if it is necessary to maintain other important rights, such as the rights to freedom of speech or information, to fulfill a legal obligation, or to be able to establish, assert or defend legal claims. Regardless of whether you delete the information or have a reason to keep it, you must reply to the data subject without undue delay, i.e. no later than one month after you have received the request.
As a company, you need to meet the requirements set out in the GDPR. This means, among other things, to follow the general principles, ensuring that all processing of personal data has a legal basis and informing the data subjects about how you process their personal data.
If you violate the GDPR, you can receive a large fine. How big is estimated case by case, but the maximum is 20 million Euros or four percent of the global annual revenues, whichever is the highest amount. This is to also be able to make the large global groups live up to the regulations.
