With easyGDPR, you not only receive a DSGVO generator to create the required processing directories, data protection declarations or documentation, but also benefit from our years of experience in the area of IT and data security.
The advantages of easyGDPR at a glance:
Predefined templates (industry specific)
Our templates already cover most business areas. The processing directories already cover most of the processing operations. This enables you to comply with the requirements of the GDPR even faster and more easily.
automated creation of a privacy policy for your website or webshop
With the generator you create your privacy policy with a few mouse clicks. easyGDPR asks which technologies you use on your website (Google AdWords, Facebook Like button, etc.) and generates the appropriate privacy policy from the result.
Processing directories according to DSGVO
The General Data Protection Regulation requires that all processes that collect or process personal data be documented in detail. This so-called processing directory must be submitted to the data protection authority upon request or in the event of an inspection. With easyGDPR you can create this documentation quickly and easily. If the processes in your company are changed, you can update the processing directory with minimal effort.
Automation of data subject requests (“right to be forgotten“)
With the entry into force of the GDPR, every private individual was granted a full right of disposal over his or her personal data. At the request of the data subject(s), you must delete all personal data collected, unless there are important reasons to object to this request. The processing of these requests can be very time-consuming, with easyGDPR you get the possibility to handle these requests automatically.
Data protection impact assessment
If the data processing results in a high risk for the data subjects, then a so-called data protection impact assessment must be carried out (Article 38 GDPR). The purpose and the legitimate interest must be stated and compared with the risk for the data subjects. Reasons for high risk include the use of profiling technologies. The data protection impact assessment replaces the previously mandatory notification to the data processing register.
With easyGDPR, you can perform a data protection impact assessment for all eligible processing operations.
IT Security
With easyGDPR you can have your IT security evaluated. By specifically querying the necessary information, the system recognizes whether the security in your company is state of the art. If further measures are necessary, easyGDPR shows you what you need to do to ensure that your company is protected against cyberattacks. Thanks to our years of experience (certified Sophos partner) in the field of IT security, we can support you in the implementation on request
Standard Data Processing Templates
Many common sources of personal data processing occur in almost every organization. We have already included these processes (e.g. requests by e-mail, employee time recording, merchandise management, etc.) as templates in easyGDPR. This allows you to quickly document how you handle e-mail requests, for example, how long these requests are stored and which employees/departments have access to them.
Data processor contracts
If you pass on personal data to commissioned data processors (parcel service, newsletter dispatch, tax advisor, etc.), you need a corresponding contract with this service provider according to the GDPR. This agreement must make clear which data will be passed on and for what purpose. In the easyGDPR software, you can specify which companies you commission for which purposes and automatically receive the appropriate commissioned data processing contract. You then have your service provider sign this and attach it to your DSGVO documentation.
Report data privacy violations
If, despite all precautionary measures, personal data should nevertheless reach unauthorized persons, then you are obliged under the GDPR to report this to the competent data protection authority. In this case, the notification must be made within 24 hours of becoming known. Without the appropriate expert knowledge, such a letter can become a stumbling block. With easyGDPR, you can design the mandatory notification with just a few mouse clicks.