Transform Your GDPR administration into value creating Services based on facts


Traditional GDPR Administration

Services

  • Labor intensive manual data subject access requests
  • Expensive third-party DPA audits
  • Model-based demonstration of compliance (top-down)
  • Perception driven monitoring of compliance
  • Interview or record based corrective actions

Structure

  • Static “demonstration of compliance” centric governance and documentation
  • Focus on data storage rather than data life-cycle processing
  • External communication material rather than working instructions

Methodology

  • Based on interviews or old documentation
  • Proven by samples
  • Formed into current opinions

Feedback or project driven governance

Value creating Services based on facts

Services

  • Time and cost-effective on the fly DSAR data collection
  • Ad hoc audit readiness and mock audits at the press of a button
  • Data Inventory based proof of compliance (statistical confirmation)
  • Online monitoring of compliance
  • Fact-based corrective actions

Structure

  • The documentation defines organisational behaviour, and enables active policy enforcement and follow-up
  • A full and detailed view of all Personal Data kept up-to-date by the tool
  • The tool allows aligning and connecting the processing definition and the data

Methodology

  • Based on detailed data inventory of databases and file servers
  • Proven by categorised, comprehensive statistics based on real and actual data
  • Focus on defining and controlling how compliant processing becomes part of daily operations

Governance becomes pro-active, alert-driven and continuous

We can help you convert communication driven governance into transparent and trustworthy factual compliance services

You probably have updated organizational and technical measures since GDPR - but how is the link to demonstrating compliance kept up-to-date?

How do you conduct and perform your next GDPR audit and GAP?

Governance and documentation

We link your actual Personal Data with the documentation that defines the processing activity

Actual Personal Data on Your books

CISO & security

Identifying threat vectors relating to Personal Data is based on general platform level profiling, lacking details on the actual scope and nature of the content. It is hard to engage business in decision making.

CIO & ICT ops and dev

GDPR regulates the use of data, yet all privacy policies and compliance documents are too general to give any actual input for work with data or plan for transitions in your landscape.

Board & CEO

Is your compliance level based on facts or assumptions? Did the people who wrote your privacy policies have access to your data and files?

Legal, GRC, DPO and privacy

25.5.2018 required a lot of formal groundwork to be done, but the traditional methods and partners available for risk management are seldom experts in the fields of data, information management and systems design.

Know what to protect and help your organisation understand how to work with your Personal Data. Build business value and trust with your compliance investment.

1. Setup

E-discovery and e-register

2. Scanning

Data
Processes
Supporting assets

3. Legal

Proportionality and necessity

4. Risk management

Does the documentation match the findings?

5. Revise

Control to protect the rights of data subjects

Give us a call or get in touch to arrange an online demonstration or to get further material.

Contact Details

FactualCompliance.com

Offices:

Bankgatan 1A
223 52 Lund

tel. +46 (0)46 273 1718
info@factualcompliance.com

Newsletter

To receive updates, news and insights, send an e-mail to newsletter@factualcompliance.com from the account where you want to receive the newsletter, with a request to be added to our list.