A Single Place to Manage Privacy Risk
Demonstrate Compliance & Accountability
Benchmark your organizational readiness for GDPR with questionnaires, prioritize requirements for compliance, provide executive-level visibility with detailed reports, and demonstrate accountability in the event of a regulatory sweep.
GDPR Articles 5 & 24Download the GDPR with OneTrust White Paper
Operationalize Your Privacy Program
Choose from numerous pre-defined screening and DPIA questionnaires, or import and tailor your own. Configure risk tracking workflows, distribute questionnaires to business users, and collect and analyze risks. Easily assign follow up tasks and generate the appropriate record keeping requirements.
GDPR Articles 25, 35 & 36Download The Ultimate PIA & DPIA Handbook
Generate a Processing Register for Article 30
Populate the data flow inventory through questionnaires, scanning technologies, in person workshops or through a bulk import. Once populated, automatically generate a searchable and evergreen inventory and visual cross-border maps based on the underlying data inventory.
GDPR Articles 6, 30, & 32Download the The Ultimate Data Mapping Handbook
Meet ePrivacy Regulation Requirements
Conduct ongoing scans of all your websites and automatically categorize any cookies and tracking technologies against a database of 5.5M cookies. Easily manage visitor consent and preferences with a highly customizable cookie banner and policy generator.
GDPR Articles 7, 21 & ePrivacy Directive Draft RegulationDownload the Future of EU Cookie Compliance White Paper
Enable Users to Request Their Personal Data
Subject Access Request Portal
GDPR Articles 12, 13, 14, 16, 17, 18, 19, 20 & 21
Demonstrate Consent Compliance
Embed consent management directly into your organization’s website, devices and internal systems by capturing transactions in a standardized way. Provide access to data subjects to allow withdrawal, and maintain internal records of consent.
GDPR Article 7
Review and Remediate Vendor Risks
Vendor Risk Management
Conduct vendor due diligence during the initial onboarding phase as well as re-audit on a risk based schedule. Send vendor assessment questionnaires directly to the third part to complete and create a central record of all your vendors and proper security obligations.
GDPR Articles 28(1), 24(1), 29 & 46(1)
Prepare an Incident Notification Workflow
Incident & Breach Management
Build a systematic process to document the incident, understand if it’s resulted in a breach, analyze harm to the individual and determine if a notification to the supervisory authority or the data subject is required.
GDPR Articles 33 & 34