Fully embedded GDPR Audit Legal Assessment
The tool has an embedded full legal audit, catering for all the aspects of GDPR and the categories of data that you collect. This includes all the aspects of policies and regulations with recommended templates to be used within each of your data collections.
Centralised Personal Data Audit
GDPR Auto provides your Data Protection Officer (DPO) with a centralised full audited view of all the types of data held on your subjects across all of your systems together with the intended use and respective consent. All personal data held is fully auditable, enabling ability to demonstrate compliance with GDPR.
Audited re/consent in bulk and single subject calls
Automatic consent and re consent for each type of data type collected on your subjects is available through the system both on a subject level as well as in bulk. System allows for direct auditing by subjects and also regular / scheduled re-consenting configuration on different type of data.
Instant servicing of SAR requests through 2FA
The portal allows for instant servicing of Statement of Account Requests (SAR) by subjects. This is done through 2 factor authentication (2FA) on subjects to be able to receive the details for their request. GDPR Auto can be managed manually for small operators and can hook up to third party in house applications for automated data polling.
Instant servicing of PORTABILITY requests through 2FA
The portal allows for instant servicing of portability requests by subjects. Data is served through a common identifiable format and provided to subjects through 2FA in order to ensure that the requestor is getting such data. These can also be serviced instantly when GDPR Auto is hooked up to third party systems through the REST API.
Central dashboard and notifications
GDPR Auto has a central dashboard that constantly keeps your DPO on the alert for any anomaly and any aspect of risk that the organisation is running at any point in time. One of the main features is the automated alerts / notificiations that needs the attention of the DPO to be able to be processed. These include (but are not limited to) notifications of unconsent from subjects, upcoming retention policy limits on subjects, SAR and Portability requests and also requests for updates on data.