'Most Innovative Startup 2020' by RSA - Watch the pitch videoView More
The EU General Data Protection Regulation (GDPR) came into effect on May 25, 2018 and changed the global privacy landscape. It has broadened the definition of processing activities and personal data, impacting companies worldwide, and has tightened the rules to obtain consent before processing information.
PRIVACI.ai enables organizations to meet EU GDPR compliance requirements through AI-driven PI data discovery, DSR automation, documented accountability, enhanced visibility into data processing activities and AI-driven process automation.
See how our comprehensive PrivacyOps platform helps you comply with various articles of GDPR
GDPR Article: 12
Build customized, branded web forms to accept verified data subject rights requests. Automate the initiation of fulfillment workflows when verified requests are received.
GDPR Articles: 12, 13, 14, 15, 20
Notify data subjects of their data privacy rights and simplify the initiation of a verified data subject rights requests. Automate the generation and delivery of secure data access and data port reports.
GDPR Articles: 12, 13, 14, 15, 19, 20
Disclose the required information to the consumer within 30 days of receiving a verifiable data request. Free of charge, and delivered through a secure portal.
GDPR Articles: 16, 19
Seamlessly fulfill data rectification requests with automated data subject verification and rectification workflows across all appearances of a subject’s personal data.
GDPR Article: 17
Dependably fulfill erasure requests through flexible, automated, and customizable workflows.
GDPR Articles: 16, 19
Build a framework for objection and restriction of processing handling based on business requirements through a collaborative workflow.
GDPR Data Governance
Continuously scan and monitor data against non-compliance to subject rights, data residency or security controls. Surface new PD types, categories and data flow risks on an ongoing basis.
GDPR Data Governance
Use our collaborative, multi-regulation, readiness assessment system to measure your organization's posture against CCPA requirements, identify gaps and address risks. Seamlessly expand assessment capabilities across your vendor ecosystem to maintain compliance with CCPA requirements.
GDPR Articles: 7, 21
Automatically scan the organization’s web properties and categorize cookies and tags. Build customizable cookie banners with the results to display banners, collect consent and provide a preference center to manage cookie preferences.
GDPR Article: 7
Monitor consent to ensure data is processed legally. Track consent revocation to prevent the processing or transfer of data without consent. Demonstrate consent compliance to regulators and data subjects.
GDPR Articles: 5, 24, 25, 35, 36
Use our collaborative, multi-regulation, readiness and DPIA assessment system to measure your organization's posture against GDPR requirements, identify gaps and address risks. Seamlessly expand assessment capabilities across your vendor ecosystem to maintain compliance against GDPR requirements.
GDPR Articles: 6, 30, 32
Trace data flow across your digital estate, catalog data collection and transfer points and document all business process flows internally and to service providers or 3rd parties. Maintain an inventory of processing components and generate article 30 processing reports.
GDPR Articles: 28 (1)(2)(3), 24(1), 29, 46(1)
Track, monitor and manage privacy and security readiness for all your service providers from a single interface. Collaborate instantly, automate data requests and deletions, and manage all vendor contracts and compliance documents.
The most comprehensive piece of privacy legislation developed by any jurisdiction to date.
Applies to all companies processing the personal data of data subjects residing in the EU, regardless of the company’s location.
Data security breaches should be reported to the supervisory authority and affected individuals within 72 hours.
Organizations must appoint a Data Protection Officer who oversees the data protection strategy and compliance against the regulation.
Fines for non-compliance could range between €20 million or 4% of worldwide annual turnover.
Focuses on data protection and therefore outlines clear requirements around personal data protection including encryption, access control, monitoring and audits.
Includes new and increased rights for individuals, including the right to data portability and the right to be forgotten.
Outlines strict rules for gathering legal consent before processing personal data. Records must be maintained to allow users to withdraw consent at any time.
Applies to both data collectors (controllers) and data processors with the controller being responsible for the processors’ security posture.