Skip to content

A complete GDPR compliance programme solution.

GDPR software to simplify your compliance by:

Helping you understand your risks. Giving you cloud based documentation tools, so you can demonstrate you've implemented adequate technical and organisational measures. Giving you the tools in a software to actively manage data privacy and demonstrate ongoing compliance.

gdpr-priviq
Article 30 processing register

Capture your personal data processing activities, lawful bases and retention policies. Record what types of data you’re capturing, where it’s being processed and where you’re collecting it.

Audit and Data Protection Impact Assessments ​

Use the assessment tool to work out if you need to do a DPIA, run an overall compliance audit and document all processing, related risks and mitigations.

GDPR Articles: 25, 35 and 36

Vendor (processor) manager​

Map what personal data you’re sharing with each processor. Document and justify the data transfer outside the EU. Generate and store Data Processing Agreements and risk and compliance analysis against each processor.

GDPR articles: 24, 28, 29 and 46.

Data subject rights manager​

Manage incoming data subject requests. Verify the data subject's identity, assign the request to an owner, see where to retrieve the data and do it all within the legal time requirements.

GDPR articles: 12, 13, 14, 15, 16, 17, 18, 19, 20 and 21

GDPR services​
  • GDPR GAP Analysis
  • GDPR EU Representative
  • Policy and Privacy Notice Templates
Data Breach Incident Manager ​

Record and assess the severity of a data breach. Use the guidelines to report it to the ICO and inform impacted data subjects. Record events and actions to mitigate repeats.

GDPR articles: 33 and 34

 

UK GDPR compliance programme solution

We simplify your UK GDPR compliance by:

The UK Data Protection Act of 2018 and the Data Protection, Privacy and Electronic Communications Regulation form what is the UK GDPR. UK organisations need their GDPR documentation to align with the UK GDPR giving special consideration to data flows that reflect the UK’s independent jurisdiction. UK organisations offering goods or services to EU residents will also need to comply with the EU GDPR.

Our software helps you implement and manage your UK GDPR privacy program and ensure you’ve got the documentation to demonstrate your compliance with it and the EU GDPR where necessary.

gdpr-priviq

We help you understand your risks and give you cloud-based documentation.

Do you process EU residents’ personal data? ​

We can provide you EU representative services and help you identify a lead supervisory authority in the EU.

GDPR Article: 27

International transfers of personal data ​

Do you receive and process personal data of EU residents? Do you have adequate safeguards in place in the event that the UK doesn’t have an adequacy decision in place by July 31, 2021? Are you transferring EU personal data onwards?

GDPR articles: 44, 45, 46, 47, 48 and 49

Article 30 processing register ​

Capture your personal data processing activities, lawful bases and retention policies. Record what types of data you’re capturing, where it’s being processed and where you’re collecting it.

Audit and Data Protection Impact Assessments (DPIA)​

Use the assessment tool to work out if you need to do a DPIA, run an overall compliance audit and document all processing, related risks and mitigations.

GDPR Articles: 25, 35 and 36

Vendor (processor) manager​

Map what personal data you’re sharing with each processor. Document and justify the data transfer outside the UK. Generate and store data processing agreements and risk and compliance analysis against each processor.

GDPR Articles: 24, 28, 29 and 46.

Data subject rights manager​

Manage incoming data subject requests. Verify the data subject's identity, assign the request to an owner, see where to retrieve the data and do it all within the legal time requirements.

GDPR articles: 12, 13, 14, 15, 16, 17, 18, 19, 20 and 21

UK GDPR Services​

Run GDPR GAP analysis. Select UK GDPR representative. Use templates to create policy and privacy notices.

Data breach incident manager ​

Record and assess the severity of a data breach. Use the guidelines to report it to the ICO and inform impacted data subjects. Record events and actions to mitigate repeats.

GDPR Articles: 33 and 34

 

Our service will enable you to make your clients compliant.
For CCPA, we only work through our partner channel

Who must comply? ​

For businesses that process personal information of California residents.

Have either:

  • $25 million in annual revenue.
  • Hold personal information on more than 50,000 or more, consumers, households or devices.
  • At least half their revenue is form sale of personal information.

Manage compliance tasks ​

  • Governance.
  • Incentives.
  • Do not sell.
  • Consumer Access.
  • Data Mapping.
  • Employee communications.

Collaborate in teams ​

  • Administrators.
  • Compliance users.
  • Task owners.

Consumer requests and consent ​

  • Manage consumer requests.
  • Manage DNSMPI (do not sell my personal information).
  • Query DNSMPI database.

We have made CCPA compliance simple for your clients. ​

In the USA we work exclusively through a partner channel. Our partners are privacy professionals and consultants who can provide all the necessary assistance and onboarding to clients. If you are looking for the service for your organisation, contact us and we will refer a partner to assist you in your compliance journey.

 

A complete LGPD compliance solution

We simplify LGPD with our software

Brazil’s Lei Geral de Proteçäo de Dados (LGPD) shares many principles of the Europe’s GDPR. Brazilian organisations must meet specific data protection obligations and provide data subjects privacy rights. Like our GDPR software, our LGPD solution helps you implement and manage your LGPD privacy program and ensure you’ve got the documentation to demonstrate your compliance.

We help you understand your risks and give you cloud-based documentation.

lgpr-filter
Data Processing Register​

Link data subjects to your data processing activities, lawful bases and data flows. Document the personal data you’re collecting, and where it’s being processed.

LGPD Articles – 6-18. 15. 19. 33 and 37

Audit and Data Protection Impact Assessments ​

Use our impact assessments and audit checklists to determine your risks and assign priorities and review periods to them.

LGPD Articles: 6-7, 9-12, 15-16, 18, 20-21, 38-39, 46-47, 49-50.

Vendor (processor) manager​

Manage vendors, their processing activities and agreements from a single location.

LGPD Articles: 6-7, 9-12, 15-16, 18, 20-21, 38-39, 46-47, 49-50.

Data subject rights manager​

Use prebuilt forms to simplify data subject access requests and verify a subject’s identity.

LGPD Articles: 6, 9, 15, 18-21 and 50

LGPD Services: ​
  • LGDP audits
  • Generate reports for your board and executives
  • Policy and Privacy Notice Templates
Data Breach Incident Manager ​

Record and respond to incidents. Assess the incident severity and comply with LGPD notification requirements.

LGPD Article: 48

 

With our exclusive white labelled partner in Thailand, Vinarco-Formiti we bring a comprehensive PDPA compliance service.​

Privacy policy design and management
Ongoing data protection services
Data privacy process design
Data regulation training and awareness
Third party due diligences
Audit of physical document archives
Audit of 3rd party data processor contracts
Data access control audits
Recruitment of compliance personnel

PDPA compliance from PrivIQ is offered by our white labelled partner in Thailand

vinarco-formiti-logo

 

With our partner in Nigeria; DAPT we bring a comprehensive NDPR compliance service.​

NDPR compliance from PrivIQ is offered by our partner in Nigeria, www.dapt.com.ng

dapt-logo

Together with our partner in Nigeria, DAPT, we provide a comprehensive NDPR compliance service.

Our NDPR cloud-based solution provides the ability to:

Conduct data protection assessments

Manage personal data mapping

Create and distribute governance policies and procedures

Manage data processing and sharing contracts

Process data subject access requests

Conduct data protection impact assessments

Record any data breaches and remedial actions taken

Accountability​​

PrivIQ will help you manage your entire NDPR program and, together with your DPCO, demonstrate compliance to the NITDA with full confidence. Maintain a real-time, fully integrated audit of privacy and data protection Practices. Implement the necessary Policies.

Lawfulness and purpose​

Use our data mapping module to navigate the lawful conditions for processing personal data. Generate processor and data sharing contracts. Manage transfers ex Nigeria.

Openness​

Auto-generate authentic privacy notices and keep them up to date at all required locations automatically.

Data Subject Participation​

Provide mechanisms for your data subjects to engage with your organisation. Efficiently manage responses to data subjects’ access requests.

Operations​

Collaboratively conduct and manage operational compliance and ongoing risk audits. Involve all stakeholders through training and awareness.

Security​

Conduct Privacy Impact Assessments. Manage responses to personal information security incidents.

NDPT compliance needn't to be complicated

 

POPIA is here.

All organisations must comply.​

Our service will enable you to make your clients compliant.

Demonstrate Compliance​ ​

  • HR
  • IT & Security
  • Consent Management
  • Marketing

Manage compliance tasks​

  • Compliance
  • Governance
  • Employee comms
  • Data Mapping
  • Operator Agreements
  • Data Sharing
  • Breach management
  • Subject Access
  • Privacy Impact Assessments

Collaborate in teams ​

  • Administrators
  • Compliance Users
  • Subject Access
  • Task owners

Manage subject access requests​

  • Form C
  • Full process from request received to completed or rejected.
  • Trackable tasks
Accountability​​

Section 8. Manage your entire POPIA program and demonstrate compliance. Maintain your registration at the regulator. Maintain a record of your data processing activities. Adopt and implement required governance policies.

Lawfulness and purpose​

Section 9-14, 72. Use our data mapping module to navigate POPIA’s strict lawful conditions for processing personal information.
Generate operator contracts.
Manage data transfers out of South Africa.

Openness​

Section 18. Create comprehensive privacy notices and keep them up to date at all required locations automatically.

Data Subject Participation​

Section 23-25. Provide mechanisms for your data subjects to engage with your organisations. Efficiently manage responses to requests using all of PAIA’s conditions.

Operations​

Collaboratively conduct and manage operational compliance and ongoing risk audits. Involve all stakeholders through training and awareness.

Security​

Section 19-22. Conduct Privacy Impact Assessments. Manage responses to personal information security incidents.

POPIA compliance needn't to be complicated.

In South Africa we work exclusively through a partner channel.
Our partners are privacy professionals and consultants who can provide the necessary assistance and onboarding.
If you are looking for the service for your organisation. contact us and we will refer a partner to assist you.

 

A complete KVKK compliance solution

We simplify your KVKK compliance by:

Turkey’s Kişisel Verileri Koruma Kanunu (KVKK) shares many principles of Europe’s GDPR. Turkish organisations and foreign organisations doing business in Turkey must meet specific data protection obligations and provide data subjects privacy rights. Like our GDPR software, our KVKK solution helps you implement and manage your KVKK privacy program and ensure you’ve got the documentation to demonstrate your compliance.

We help you understand your risks and give you cloud based documentation.

kvkk-home-page
KVKK Principles ​

Demonstrate compliance with KVKK principles, which indicate that personal data must be:

  • Processed fairly and lawfully
  • Accurate and up-to-date
  • Processed for specific, explicit and legitimate purposes
  • Relevant, adequate and not excessive
  • Kept only for a term that's necessary for purpose.

KVKK article: 4

Personal Data Processing Inventory ​

Document your data processing in relation to the procedures and principles of the law: lawfulness of purpose, data accuracy, data limitation and retention.

KVKK article: 4

Personal data transfers ​

Manage transfers inside and outside of Turkey, map what personal data is being transferred, using the appropriate lawful basis and generating the relevant contracts or agreements.

KVKK Articles: 5, 6, 8 and 9

Obligation to inform​

Auto-generate a privacy notice that contains all the information you are obligated to make your data subjects aware of.

KVKK Articles: 10 and 11

Data Security ​

Use the audit checklists to ensure, and to document, that you have adequate technical and organisational security in place. Use the DPIA tool to assess the processing risk associated with new projects and existing operations. Use the breach management tool to manage and respond to security related incidents.

KVKK Article: 1

Data Subject Rights Manager ​

Manage data subject access requests and complaints using inbuilt forms and workflows that simplify the process.

KVKK Articles: 6, 7, 11, 13 and 15

KVKK compliance needn't have to be complicated.