MANAGE PROCESSING OF PERSONAL DATA
RESPONSIBLY
Meet our system, which comprehensively supports the management of personal data processed in the business processes in the organization
PROTECT YOUR DATA IN A RIGHT WAY
NEW OBLIGATIONS FOR COMPANIES
The GDPR also known as GDPR is Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016. It concerns both the protection of individuals with regard to the processing of personal data and the free movement thereof, as well as the repeal of Directive 95/46 / EC.
From May 25, 2018, the date of entry into force of the Personal Data Protection Act, an obligation was imposed on each entrepreneur to adapt his company’s activities to it.
eGDPRBay TAKES CARE OF YOUR SAFETY
To be consistent with the regulation, it is essential to understand, among others which personal data are processed, for what purpose, if the purpose is adequate to the scope of the data being processed, where and whether the personal data are processed in a secure manner, and what is the formal and legal basis, etc. The eGDPRBay portal allows you to inventorise and manage in a systematic way, including:
- the purposes of processing personal data
- legal basis
- registration of IT systems in which personal data are processed
- registration and the use of technical and organizational measures / measures
- management, organizational and procedural matters related to the management of personal data – data retention times.
The above describes only part of the system’s capabilities. For more details and availability of individual system areas, see “About Product”.
eGDPRBay BENEFITS
We are convinced that the multidimensional concept of our system will add value to every role / person responsible for the processing of personal data – regardless of whether you are a Personal Data Inspector, a person responsible for personal data processing, owner of a business process in which personal data is processed, employee, contractor or lawyer specializing in the protection of personal data.
ONE PRODUCT - MANY ADVANTAGES
risk management
Manage personal data in a responsible manner, aware of the risks involved. Try our system and focus on what's most important to you.
EASE OF USE
The solutions we propose are intuitive and allow you to get the information you need quickly and easily.
AUTOMATION AND DURABILITY *
The eGDPRBay system is a relational system, so in most cases after entering the data, the user will refer to the previously entered data if necessary and do not enter it repeatedly.
SUPPORT FOR EXPERTS
You can count on the full support of consultants at the first attempt to log in and the implementation of 1-2 processes in accordance with eGDPRBay.
CONFORMITY WITH THE GDPR
The relationships, registers and processes implemented by eGDPRBay are based on Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April, 2016 - Regulation of the European Parliament
INTEGRITY WITH ISO 31000
We strive to ensure that risk management complies with ISO 31000 and based on reports generated based on user input.
* The operator strives to ensure that the client as part of the system implementation modifies the scope of the predefined data prepared by the Operator, and does not have to enter data for such purposes/processes from scratch.
CHOOSE A PACKAGE FIT FOR YOUR NEEDS
- Basic
- RECOMMENDEDpremium
- premium plus
- custom
Basic |
RECOMMENDED
premium | premium plus | custom | |
---|---|---|---|---|
PLN85 net/month* | PLN105 net/month* | PLN200 net / month* | priced individually | |
CONTEXT PERSPECTIVE | ||||
Purposes and Categories Of Processing Management Context | ||||
Lawful Bases, Contracts or Other Legal Acts Context | ||||
Means, Systems and Assets Context | ||||
Categories of Data Subjects Context | ||||
Technical and Organisational Measures Context | ||||
Governance, Procedural & Privacy Organisation Context | ||||
Personal Data Categories and Data Retention Management Context | ||||
CONFORMITY MANAGEMENT PERSPECTIVE | ||||
Compliance Reports Management | ||||
Obligatory Registers Management | ||||
Optional Registers Management | ||||
Risk Management | ||||
Issues and Tasks Management | ||||
Document and Form Templates Management | ||||
Notification Types Management | ||||
Managing Types of Requests from Data Subjects | ||||
Breach Types Management | ||||
OPERATIONAL PERSPECTIVE | ||||
Register of Data Subjects | ||||
Operational Management of Requests from Data Subjects | ||||
Operational Notifications Management | ||||
Processing Activities and Categories of Processing Activities Management | ||||
Product and Service Categories Management | ||||
Operational Breaches Management | ||||
Products and Services Management at Data Subject level | ||||
Operational Reports Managements | ||||
API | ||||
Additional services priced individually: (1) Support in inventorying Contexts (2) Preparation of specialized reports based on data inventoried under the Context Perspective (3) Export of selected data | Additional services priced individually: (1) Support in the inventory of individual modules (2) Preparation of specialized reports based on data inventoried under the Compliance Management Perspective (3) Export of selected data | Fee for disk space for perspective 3 after exceeding data in XX GB; for each subsequent 1 GB - PLN 50 net; | Implementation of a dedicated eGDPRBay system instance at the Customer's. Under the license, our clients receive access to the part of the system in which they can provide processing of personal data in terms of Context Perspectives, Perspectives of Compliance Management and the Operational Perspective. | |
Additional services priced individually: (1) Support in the inventory of individual modules and registers (2) Preparation of specialized reports based on data inventoried under the Operational Compliance Management Perspective (3) Integration with existing domain systems (4) Import / Export of selected data | The solution implementation process is determined individually in accordance with the client's requirements, i.e .: (1) implementation scope (2) analytical processes (3) business and system processes (4) implementation and service support (5) training (6) other requirements | Choose BASIC | Choose PREMIUM | Choose PREMIUM PLUS | Choose CUSTOM |
* The given prices are net prices/month for 1 user
Use the trial period and test our system for 30 days completely for free.
FAQ
The platform supports processes related to GDPR thanks to the wide reflection of business processes related to data processing and management as well as data itself, incident management or risk analysis, as well as the implemented process of continuous monitoring and reflection on the change platform resulting from the update of the GDPR regulations. The client/company during the trial period as a data controller should define business processes in its organization, verify compliance with its standards, policies, and procedures in the area of personal data protection, supported by risk analysis and assess the situation within your organization’s reports.
The Operator will make efforts to adopt the System to legal changes, however, due to the number and multidimensionality of issues, he can not guarantee it.
All data is currently stored on servers in the European Union / European Economic Area, with maintaining adequate security standards.
For a contextual perspective and compliance perspective, these are basic identification data of employees who fill roles in the “Management, Organizational and Procedural Context”. For mature process organizations, it is possible to not assign employees and rely only on contact details of roles. For the operational perspective, these are the data and contact details of Data Actors/Subjects necessary for unambiguous identification, confirmation of identity in the case of interaction with the Data Entity and effective communication. At present, no documents with personal data are processed in the system.
All kinds of personal data are entered/processed by the Client / Company user, who remains the administrator of all personal data processed in the System Instance. The Client / Company during the trial period should verify that the scope and categories of personal data processed in the System Instance and the security are in accordance with its standards and policies. The purchase of a subscription confirms positive verification.
The actual basic identification and contact details of Data Actors/Subjects are processed from an operational perspective. The Client / Company as their administrator should reflect this in contracts with Data Entities and/or information obligations.
The eGDPRBay system has been designed for every size of the company.
The scope of data entered in the context perspective allows the automatic generation of such registers. The user selects which activities should be included in these registers.
Yes. The Risk Management area located in the Compliance Management perspective enables the recording and management of identified risks – starting from identification (considering the context), through estimation (identification, analysis, evaluation), then treatment and remedies up to monitoring. An important element supporting risk management are reports from the Report Management Area generated based on data and relations from CONTEXT PERSPECTIVES.
In many industries, the management or support processes have similar scope and purposes of the processing, therefore the Operator strives to make the client modify the scope of predefined data prepared by the Operator as part of the system implementation, and not have to enter data for such purposes/processes from scratch. The goal is to optimize the client’s effort/costs in implementing the system. An example can be the HR processes.
In order to ensure the adequacy of the scope of input data to customer needs and costs, most fields are optional. It is the client who decides what data he wants or can enter into the system. In conjunction with a flexible data model, this allows the system to be adapted to almost any size of the company. The scope of the data introduced determines the possibility of a subsequent multidimensional analysis of the processing of personal data and related risks. The initial, minimum scope should enable reliable risk analysis and the generation/preparation of obligatory registers.
The Company’s involvement is derived from the amount of data that should be entered into the system. The operator strives to ensure that the client as part of the implementation of the system will modify the scope of the predefined data prepared by the Operator, and not have to enter data for such purposes/processes from scratch. The goal is to optimize the client’s effort/costs in implementing the system. An example can be the HR processes. The involvement will be greater when entering data.
The multiplicity and complexity of processes usually translate into more processing goals, legal grounds, and other issues/data that the organization should manage. The degree of complexity is a particularly important issue for situations in which the administrator has imposed a time frame for the preparation of responses (e.g. handling of data subjects’ reports) or analysis and, possibly, reporting of infringements. For large organizations, it is advisable to implement the eGDPRBay class system. The eGDPRBay system is a relational system, so in most cases after entering the data, the user will refer to the previously entered data if necessary and do not enter it repeatedly.
The eGDPRBay system may support the achievement or confirmation of compliance with the Regulation and/or other legal acts based on which personal data are processed in many dimensions, e.g.: – in risk management (see Risk Registry and Report Area that may support identification and analysis risk), – preparation and management of activity registers or categories of processing activities (after entering the data necessary to prepare such a register, the system can generate such a register in a dynamic way). – verification of the adequacy of measures / technical and organizational measures in relation to types/categories of data processed, IT systems, processing area or risks. – verification of accountability and supervision for compliance with the Regulation (see management, organizational and procedural context). – keeping a register of authorizations to process personal data and templates of such authorizations – keeping a training register. The system’s possibilities are much greater. The description of the system concept should help in understanding how or whether the eGDPRBay system can support the organization in the area of personal data management. We believe that the functionalities implemented or planned to be implemented together with a flexible data model and predefined content will significantly contribute to the achievement and subsequent management of compliance with the Regulation and/or other legal acts based on which personal data are processed. Due to the multidimensionality and complexity of the issue of managing the processing of personal data, we cannot guarantee that the eGDPRBay system ensures compliance with the Regulation or other legal acts.
The organization can define any processing goals and the flexible data model of the eGDPRBay system should enable their introduction into the system. In case of doubt, please contact us.
Yes. Before you buy a subscription, after registering, you can test the system free of charge for 30 days.
The system provides the functionality of managing retention times. The configuration of this functionality belongs to the user.
The eGDPRBay portal is the result of the GDPR analysis in many areas, however, it does not guarantee compliance with GDPR or protection against possible penalties. In case of any doubts, consultations regarding the system or legal functioning are recommended.
Yes, but it can be a paid service. After reporting the demand by the customer, the Operator will prepare a quote and information on possible dates of consultations.
Interested? Take advantage of the free trial period.