MANAGE PROCESSING OF PERSONAL DATA
RESPONSIBLY

Meet our system, which comprehensively supports the management of personal data processed in the business processes in the organization

PROTECT YOUR DATA IN A RIGHT WAY

NEW OBLIGATIONS FOR COMPANIES

The GDPR also known as GDPR is Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016. It concerns both the protection of individuals with regard to the processing of personal data and the free movement thereof, as well as the repeal of Directive 95/46 / EC.

From May 25, 2018, the date of entry into force of the Personal Data Protection Act, an obligation was imposed on each entrepreneur to adapt his company’s activities to it.

eGDPRbay TAKES CARE OF YOUR SAFETY

To be consistent with the regulation, it is essential to understand, among others which personal data are processed, for what purpose, if the purpose is adequate to the scope of the data being processed, where and whether the personal data are processed in a secure manner, and what is the formal and legal basis, etc. The eGDPRBay portal allows you to inventorise and manage in a systematic way, including:

  • the purposes of processing personal data
  • legal basis
  • registration of IT systems in which personal data are processed
  • registration and the use of technical and organizational measures / measures
  • management, organizational and procedural matters related to the management of personal data – data retention times.

The above describes only part of the system’s capabilities. For more details and availability of individual system areas, see “About Product”.

eGDPRbay BENEFITS

We are convinced that the multidimensional concept of our system will add value to every role / person responsible for the processing of personal data – regardless of whether you are a Personal Data Inspector, a person responsible for personal data processing, owner of a business process in which personal data is processed, employee, contractor or lawyer specializing in the protection of personal data.

ONE PRODUCT - MANY ADVANTAGES

risk management

Manage personal data in a responsible manner, aware of the risks involved. Try our system and focus on what's most important to you.

EASE OF USE

The solutions we propose are intuitive and allow you to get the information you need quickly and easily.

AUTOMATION AND DURABILITY *

The eGDPRBay system is a relational system, so in most cases after entering the data, the user will refer to the previously entered data if necessary and do not enter it repeatedly.

SUPPORT FOR EXPERTS

You can count on the full support of consultants at the first attempt to log in and the implementation of 1-2 processes in accordance with eGDPRBay.

CONFORMITY WITH THE GDPR

The relationships, registers and processes implemented by eGDPRBay are based on Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April, 2016 - Regulation of the European Parliament

INTEGRITY WITH ISO 31000

We strive to ensure that risk management complies with ISO 31000 and based on reports generated based on user input.

* The operator strives to ensure that the client as part of the system implementation modifies the scope of the predefined data prepared by the Operator, and does not have to enter data for such purposes/processes from scratch.

CHOOSE A PACKAGE FIT FOR YOUR NEEDS

  • Basic
  • RECOMMENDED
    premium
  • premium plus
  • custom
Basic
RECOMMENDED
premium
premium pluscustom
PLN85
net / month*
PLN105
net / month*
PLN200
net / month*
priced individually
CONTEXT PERSPECTIVE
The context of the purposes underlying the management of personal data (Purposes Management Context), the roles whose data is processed and the data processing roles
Context of formal and legal grounds on the basis of which personal data are processed (Lawful Basis Management Context)
Context of IT systems in which personal data is processed (IT Systems Context)
Context of the category of data subjects (also known as GDPR roles / actors) whose data is processed
Context of technical and organizational measures related to ensuring the security of personal data (Technological & Organisational Security Measures)
Management, procedural and organizational context necessary for the functioning and accountability of the entire enterprise (Personal Data Governance Context)
Context of personal data types, introduced to systematize and common understanding of the types of personal data that the organization manages (Personal Data Types Context)
Reports / Registers: (a) Register of processing activities (b) Register of processing activities categories
CONFORMITY MANAGEMENT PERSPECTIVE
Type of Violation Management Module
Types and Templates Management Module
Types of requests of Data Subjects Management Module
Report Management Module
Risk Management Module
Issues / Task Management Module
Personal data breach Management Module
Notification Management Module
Submissions of Data Subjects Management Module
Operational Report Management Module
Register of processing activity categories
Register of Artefacts / Products categories containing personal data
Register of Artefacts / Products containing personal data
Register of Data Subjects
API
Additional services priced individually: (1) Support in inventorying Contexts (2) Preparation of specialized reports based on data inventoried under the Context Perspective (3) Export of selected dataAdditional services priced individually: (1) Support in the inventory of individual modules (2) Preparation of specialized reports based on data inventoried under the Compliance Management Perspective (3) Export of selected dataFee for disk space for perspective 3 after exceeding data in XX GB; for each subsequent 1 GB - PLN 50 net;Implementation of a dedicated eGDPRBay system instance at the Customer's. Under the license, our clients receive access to the part of the system in which they can provide processing of personal data in terms of Context Perspectives, Perspectives of Compliance Management and the Operational Perspective.
Additional services priced individually: (1) Support in the inventory of individual modules and registers (2) Preparation of specialized reports based on data inventoried under the Operational Compliance Management Perspective (3) Integration with existing domain systems (4) Import / Export of selected dataThe solution implementation process is determined individually in accordance with the client's requirements, i.e .: (1) implementation scope (2) analytical processes (3) business and system processes (4) implementation and service support (5) training (6) other requirements
Choose BASICChoose PREMIUMChoose PREMIUM PLUSChoose CUSTOM

* The given prices are net prices/month for 1 user

You are not sure if this solution is for you?
Use the trial period and test our system for 30 days completely for free.

FAQ

The platform supports processes related to GDPR thanks to the wide reflection of business processes related to data processing and management as well as data itself, incident management or risk analysis, as well as the implemented process of continuous monitoring and reflection on the change platform resulting from the update of the GDPR regulations. The client/company during the trial period as a data controller should define business processes in its organization, verify compliance with its standards, policies, and procedures in the area of ​​personal data protection, supported by risk analysis and assess the situation within your organization’s reports.

The Operator will make efforts to adopt the System to legal changes, however, due to the number and multidimensionality of issues, he can not guarantee it.

All data is currently stored on servers in the European Union / European Economic Area, with maintaining adequate security standards.

For a contextual perspective and compliance perspective, these are basic identification data of employees who fill roles in the “Management, Organizational and Procedural Context”. For mature process organizations, it is possible to not assign employees and rely only on contact details of roles. For the operational perspective, these are the data and contact details of Data Actors/Subjects necessary for unambiguous identification, confirmation of identity in the case of interaction with the Data Entity and effective communication. At present, no documents with personal data are processed in the system.

All kinds of personal data are entered/processed by the Client / Company user, who remains the administrator of all personal data processed in the System Instance. The Client / Company during the trial period should verify that the scope and categories of personal data processed in the System Instance and the security are in accordance with its standards and policies. The purchase of a subscription confirms positive verification.

The actual basic identification and contact details of Data Actors/Subjects are processed from an operational perspective. The Client / Company as their administrator should reflect this in contracts with Data Entities and/or information obligations.

The eGDPRBay system has been designed for every size of the company.

The scope of data entered in the context perspective allows the automatic generation of such registers. The user selects which activities should be included in these registers.

Yes. The Risk Management area located in the Compliance Management perspective enables the recording and management of identified risks – starting from identification (considering the context), through estimation (identification, analysis, evaluation), then treatment and remedies up to monitoring. An important element supporting risk management are reports from the Report Management Area generated based on data and relations from CONTEXT PERSPECTIVES.

In many industries, the management or support processes have similar scope and purposes of the processing, therefore the Operator strives to make the client modify the scope of predefined data prepared by the Operator as part of the system implementation, and not have to enter data for such purposes/processes from scratch. The goal is to optimize the client’s effort/costs in implementing the system. An example can be the HR processes.

In order to ensure the adequacy of the scope of input data to customer needs and costs, most fields are optional. It is the client who decides what data he wants or can enter into the system. In conjunction with a flexible data model, this allows the system to be adapted to almost any size of the company. The scope of the data introduced determines the possibility of a subsequent multidimensional analysis of the processing of personal data and related risks. The initial, minimum scope should enable reliable risk analysis and the generation/preparation of obligatory registers.

The Company’s involvement is derived from the amount of data that should be entered into the system. The operator strives to ensure that the client as part of the implementation of the system will modify the scope of the predefined data prepared by the Operator, and not have to enter data for such purposes/processes from scratch. The goal is to optimize the client’s effort/costs in implementing the system. An example can be the HR processes. The involvement will be greater when entering data.

The multiplicity and complexity of processes usually translate into more processing goals, legal grounds, and other issues/data that the organization should manage. The degree of complexity is a particularly important issue for situations in which the administrator has imposed a time frame for the preparation of responses (e.g. handling of data subjects’ reports) or analysis and, possibly, reporting of infringements. For large organizations, it is advisable to implement the eGDPRBay class system. The eGDPRBay system is a relational system, so in most cases after entering the data, the user will refer to the previously entered data if necessary and do not enter it repeatedly.

The eGDPRBay system may support the achievement or confirmation of compliance with the Regulation and/or other legal acts based on which personal data are processed in many dimensions, e.g.: – in risk management (see Risk Registry and Report Area that may support identification and analysis risk), – preparation and management of activity registers or categories of processing activities (after entering the data necessary to prepare such a register, the system can generate such a register in a dynamic way). – verification of the adequacy of measures / technical and organizational measures in relation to types/categories of data processed, IT systems, processing area or risks. – verification of accountability and supervision for compliance with the Regulation (see management, organizational and procedural context). – keeping a register of authorizations to process personal data and templates of such authorizations – keeping a training register. The system’s possibilities are much greater. The description of the system concept should help in understanding how or whether the eGDPRBay system can support the organization in the area of ​​personal data management. We believe that the functionalities implemented or planned to be implemented together with a flexible data model and predefined content will significantly contribute to the achievement and subsequent management of compliance with the Regulation and/or other legal acts based on which personal data are processed. Due to the multidimensionality and complexity of the issue of managing the processing of personal data, we cannot guarantee that the eGDPRBay system ensures compliance with the Regulation or other legal acts.

The organization can define any processing goals and the flexible data model of the eGDPRBay system should enable their introduction into the system. In case of doubt, please contact us.

Yes. Before you buy a subscription, after registering, you can test the system free of charge for 30 days.

The system provides the functionality of managing retention times. The configuration of this functionality belongs to the user.

The eGDPRBay portal is the result of the GDPR analysis in many areas, however, it does not guarantee compliance with GDPR or protection against possible penalties. In case of any doubts, consultations regarding the system or legal functioning are recommended.

Yes, but it can be a paid service. After reporting the demand by the customer, the Operator will prepare a quote and information on possible dates of consultations.

Did not find the answer to your questions? Contact us

contact

Do you need more information? Are you interested in our offer? Or maybe you have other queries?

Feel free to contact us!

marketing@klgsolutions.com

Interested? Take advantage of the free trial period.