The following tasks can be performed with easyGDPR lite:
DSGVO Requirements Analysis/DSGVO Quickcheck
By asking short, targeted questions, you can find out your DSGVO status in just a few minutes. This status gives you the basic information about what measures are necessary to become DSGVO-ready.
easyGDPR is used to record all processes that collect personal data. Many templates make the capture particularly efficient. This shortens the time needed to create the directory and prevents important procedures from being forgotten.
In addition, industry-specific templates are also available, here many processes are already pre-filled. This makes the creation of the processing directory according to DSGVO a breeze.
A risk analysis can be written for each processing with easyGDPR lite. This function shows the risk associated with the collected data. A distinction is made between how high the risk would be if
- the data would be temporarily unavailable,
- the data would be permanently lost or
- the data would be stolen or published on the Internet.
A separate risk assessment can be made for each of these points. If data of special categories (sensitive data, such as health data, biometric data, religious affiliation, etc.) is processed, you should conduct a data protection impact assessment in accordance with the GDPR. The data protection impact assessment replaces the previously mandatory notification to the Data Processing Register (DVR). If you are unsure whether or not you need to conduct a data protection impact assessment, please contact a GDPR expert or take advantage of our GDPR advice.
List of processors
In easyGDPR lite you can create a directory of your processors. As soon as you transfer the collected data to a service provider, you must, according to the General Data Protection Regulation, conclude a commissioning contract with this company.
The creation of order processing contracts is available as of easyGDPR standard.
Catalog of measures
In the catalog of measures, you document in four categories which measures have been taken to ensure data protection.
You will be asked what measures have been put in place to minimize the risk of data theft. This involves documenting not only IT security measures, such as whether a firewall and virus scanner are in place, but also organizational measures, such as the presence of alarm systems and access control systems.
Use the form to document how data is protected from unauthorized access. In addition to questions about password policies and administrator rights, the handling of waste paper (e.g. whether data shredding is available) is also documented.
Data integrity describes whether the existing data is correct and whether it is traceable whether data has been changed. easyGDPR queries whether your systems log the entry, deletion and modification of data. This is the only way to ensure that the data used has not been manipulated.
Data availability is an essential point so that companies can access the data they need when they need it. You can specify whether various measures have been taken (fire extinguishers available, uninterruptible power supply, etc.) to ensure data availability. Furthermore, the backup strategy used is also documented.
Advantages of easyGDPR lite at a glance
- Low acquisition costs
- Create detailed documentation with little effort
- Various templates speed up the documentation process
- Consideration of the Austrian and German data protection laws
- Optimized for DSGVO implementation for one-person companies, small and medium-sized enterprises(EPU & SME)
- PDF export of your documentation
- Fast adaptation to changes in business processes
- If required, easyGDPR is also available in combination with our implementation workshop