They're talking about us

GDPR Compliance in 3 Steps

Step-by-step instructions, wizards, templates and know-how

1. Identify Personal Data & Processing Activities

Why we collect the data and what we’re going to do with it

2. Manage Data Subject Rights & Requests

How can we be transparent and respect individuals privacy

3. Process Personal Data Accordingly

Can we process the data and is there restrictions? Should we delete the data?

GDPR HQ Modules & Features

GDPR HQ is a central repository for GDPR compliance

Records of Processing Activities

Document and manage records of processing activities of personal data. Required and best practice documentation.

Consent ManagemenT

Define and create a document for consent (HTML form or printable PDF). Track transactions of consent from individuals. Consent withdrawal.

Data Subject Requests

Collect data subject requests manually or using HTML form/API. Act on a particular request, track execution, communicate with individuals.

Data Subjects Management

Manage only IDs or manage a basic set of personal data for data subjects. Connect with other applications you're using through APIs.

Cookie Consent & PRIVACY POLICY

Manage website visitors cookie consents and preferences. Automatically create and maintain Cookie and Privacy Policy.

code-first & api-first

Open source client SDK you can use in your application to make it GDPR compliant. Use APIs/WebHooks to communicate with GDPR HQ.

Relevant GDPR Articles

Article 4: Definitions
Article 6: Lawfulness of processing
Article 7: Conditions for consent
Article 7(3): Right to Withdraw Consent
Article 12: Transparent information, communication and modalities for the exercise of the rights of the data subject
Article 13: Information to be provided where personal data are collected from the data subject
Article 14: Information to be provided where personal data have not been obtained from the data subject
Article 15: Right of access by the data subject
Article 16: Right to rectification
Article 17: Right to erasure ("right to be forgotten")
Article 18: Right to restriction of processing
Article 19: Notification obligation regarding rectification or erasure of personal data or restriction of processing
Article 20: Right to data portability
Article 21: Right to object
Article 22: Object to automated individual decision-making, including profiling
Article 30: Records of processing activities
Article 44: General principle for transfers