New GDPR Compliance Software From PORT.im

GDPR compliance software is the best way to comply with privacy regulations and stay on top of your compliance responsibilities.

Compliance Center is the only GDPR compliance software that’s dynamically integrated with Privacy Center.

GDPR Compliance Software

Compliance Center

All the GDPR compliance software tools needed to manage personal data compliance, simply and efficiently, and all in one platform.

Simple GDPR is Difficult.

And there’s a good reason. The regulations are complex and the demands are onerous. There are also many interpretations of what is needed to be done to comply.

Many businesses try to manage GDPR compliance with spreadsheets and policies. This is the traditional way but it complex and time-consuming to set up and soon becomes impractical to maintain them and keep them all up-to-date and accurate.

If you’ve ever tried to manage compliance in spreadsheets you’ll have experienced the pain of having to update details, review dates, individuals, and third parties, multiple times.

Collaborating with colleagues and external consultants on spreadsheets is also difficult.

PORT.im’s GDPR Compliance Software Makes Life Easy.

PORT.im does away with the complexity of spreadsheets.

PORT.im is a single privacy platform that enables effective and efficient end-to-end GDPR compliance.

From the customer-facing privacy policy right through to maintaining the Article 30 records of processing, and everything in between.

PORT.im has privacy compliance covered with professional tools that ensure robust compliance, easy collaboration, seamless records and reporting.

Dynamically Integrated With Privacy Center

Compliance Center is dynamically integrated with Privacy Center, so as your business grows and changes, your Privacy Center updates automatically.

Notifications let you know when the regulations change. Simply review and accept the changes to keep your compliance records and Privacy Center up-to-date.

The advantages of a fully integrated privacy platform are many. Top of the list is that data only needs to be entered once and it populates everywhere. Saving you time, money and headaches.

Spreadsheets Are The Enemy of Good Compliance

Spreadsheets can cause more problems than they solve.

When it comes to maintaining privacy compliance records spreadsheets can be a liability.

The problem with using spreadsheets is that they were never designed for recording compliance. 

To maintain Article 30 records of processing the regulators expect your records to be accurate and up to date.

To do this it is necessary to review all aspects of your privacy management on a regular basis.

Spreadsheets make the process of reviewing records difficult and time-consuming. Each record has to be updated manually, often taking many hours or even days.

The solution is a privacy platform.

PORT.im enables data to be entered once and for it to be used across the platform. This also means that review dates are automatically ticked off and updated across all the records.

Collaborate With Colleagues and Advisors

Collaboration with colleagues is easy when everyone is working on one platform. 

A single platform means that there is one view of the truth. A single place where everything to do with privacy is handled.

Collaborating on spreadsheets can be a nightmare. But on PORT.im it’s simple.

Invite collaborators to contribute to the extent and accuracy of the data you are recording. 

One Privacy Platform – One View of The Truth

Privacy compliance is difficult enough without having the data spread across the organization in different spreadsheets and policies.

PORT.im pulls all privacy compliance recordkeeping onto one seamless platform with tools for all the records the regulator will want to see.

Data Governance Framework

PORT.im provides a ready made data governance framework.

It’s simple and fast to set up and has all the tools and documentation that most data controllers need to maintain their article 30 records of processing.

GDPR Data Mapping

At the heart of Compliance Center is the GDPR data mapping tool.

Knowing what personal information an organisation manages, where it is and who it is shared with is challenging. Recording all the detail is even harder.

The PORT.im GDPR data mapping tool sits at the heart of the Compliance Center. When the data mapping is updated the Privacy Center, privacy policy, and all other records are automatically updated too.

Featuring automated third party data mapping, the data map is simple to set up and easy to update.

The complexities of GDPR data mapping are simplified with drag and drop ease and multi-user collaboration.

Preconfigured Third Party Profiles

PORT.im data mapping tool is preconfigured with hundreds of third party profiles.

Many of the most commonly used third parties are included, saving hours of research and data collection.

Article 30 Records of Processing (ROPA)

Article 30 of the GDPR requires organizations to record an extensive list of details.

You can see the full list here.

The ICO provides extensive information about what needs to be recorded to be compliant but the heavy lifing still falls on each business to create and manage their own data governance framework.

PORT.im – Ready Made Data Governance Framework 

PORT’s Compliance Center is a structured set of tools and documents that when completed and maintained, provides a comprehensive solution to the challenges of fulfilling the demands of Article 30 of the GDPR.

GDPR Compliance Software You Can Rely On

Compliance Center GDPR compliance software is loaded with all these features:

Compliance Action Plan

Compliance Center has a built-in compliance action plan to save you time and ensure that the important aspects of your compliance are recorded.

Carrying out regular reviews and keeping records up to date is a key aspect of privacy compliance.

So Compliance Center has notifications and reminders to keep you on track and up to date.

Data Retention Policy

If you manage personal information it’s important to have a data retention policy in place and a data retention schedule.

Both records are necessary.

The regulations demand data minimisation and security of personal information.

To fulfil these requirements it’s important to limit the storage of personal data.

Where possible you should work out how long you need to store the data. 

The keyword here is ‘need’ as it’s very easy to overestimate the real need for your organisation to store personal information.

With the objective of data minimisation, your goal is to delete information as soon as practical after it is no longer needed.

PORT.im’s Compliance Center provides a data retention schedule that makes the task of recording data deletion timescales simple and complies with the regulatory requirements.

Category of Personal Data

Category of data refers to the special categories of personal information that your organisation might collect.

Recording the categories of personal data that your organisation uses is part to of the Article 30 requirements.

Special Category Personal Data

Special category data includes:

  • Race
  • Ethnic origin
  • Political opinions
  • Religious or philosophical beliefs
  • Trade union membership
  • Genetic data
  • Biometric data
  • Health data
  • Sex life
  • Sexual orientation

Lawful Basis of Processing

Recording the lawful basis of processing is also key to maintaining compliance with GDPR.

There are six bases for lawful processing personal data. You must have a valid basis to process personal information.

The six lawful bases of processing are:

  • Consent
  • Contract
  • Legal Obligation
  • Vital Interests
  • Public Task
  • Legitimate Interests

The principles of GDPR requires you to process personal data lawfulluy, fairly and transparently.

It’s the lawful aspect of these principles that demands that you record the lawful basis.

PORT.im’s Compliance Hub enables you to record the lawful basis together with the purpose for processing.

Data Protection Impact Assessment (DPIA)

You can use a data protection impact assessment template but spreadsheets are a difficult and time consuming way to record DPIAs.

The quick and efficient way to carry out a data protection impact assessment is when it is integrated into an end-to-end privacy management system like PORT.im’s Compliance Hub.

Legitimate Interest Assessment (LIA)

If you are planning on using Legitimate Interest as your lawful basis for processing then you’ll need to carry out and record a  Legitimate Interest Assessment otherwise known as an LIA.

Should I use a Legitimate Interest Assessment Template?

Again, there are templates available but it’s advisable to keep all your privacy compliance records in a safe place.

Subject Access Request (SAR)

Manage and record subject access requests in one central place.

SAR GDPR

Subject Access Requests(SARs), also know as Data Subject Access Requests (DSAR) are the terms used to describe a request made by an data subject. 

Another aspect of maintaining full compliance records is the recording of these records and providing timely responses.

Compliance Hub makes recording and managing SARs simple.

The SAR is recorded centrally enabling team members to respond appropriately and within the required timescales.

Personal Data Breach Log

Keeping records of any personal data breaches that may occur is, again, important.

Data breaches can be large or small. Either way it’s key that they be managed and recorded correctly.

Compliance Hub provides a robust and collaborative method of record keeping.

Employee Privacy Notice Generator

PORT.im’s platform automatically generates an employee privacy notice based on the information you enter.

It’s a fast and simple way to create an employee privacy notice and is simple to update as your business changes and grows.

Team Task Management

Easily invite colleagues to contribute to the data mapping and management of personal data compliance.

Keep up with actions and tasks of others in your team.

Document Registry

Compliance Hub has a document registry.

This enables you to keep documents that relate to privacy on the platform so they are available to your team.

This is particularly useful if you have documents that you want to make publicly available together with your privacy policy.

Getting Started is Simple

If you haven’t already implemented Privacy Center you should. It’s free and it will help you communicate your trustworthiness more effectively.

You can learn more about the trend for privacy centers here, and the benefits of using a privacy center over just a privacy policy.

Privacy Center includes a free automatically generated privacy policy.

It’s quick and simple to set-up. It can be either embedded in your website or you can use the fully hosted version and link to it from your website or app.

To add the GDPR compliance software simply upgrade your plan to include Compliance Center.

Get started here.