Role-based Privacy Workspace
Same arc as How it works: exposure → gaps → evidence. Map processing, track obligations, and export reports—on-site diagnostics need no account.
Key Challenges
DPOs need a continuous, defensible view of privacy posture — across data flows, consent, vendors, and obligations — without drowning in spreadsheets.
- Maintaining accurate Article 30 records as systems and vendors change
- Identifying which processing activities require a DPIA (Art. 35)
- Tracking DSAR deadlines and evidence without dedicated tooling
- Producing explainable evidence for regulator investigations and audits
Privacy Risk Radar + Data Mapping
Posture scoring with explainable drivers. Filter by GDPR, CCPA/CPRA, NIST Privacy Framework, and other state or sector lenses.
Walk through one assessment to capture processing detail, then export snapshots (JSON, CSV, PDF) to support records of processing and reviews.
- Open access — no account needed
- Multi-framework lens filtering (GDPR, CCPA/CPRA, NIST PF, and more)
- Exports to support Article 30 documentation
- Exportable snapshot (JSON / CSV / PDF)
DSAR Workflow + DPIA Generator
Route and track data subject requests with deadlines and a clear evidence trail.
Build structured DPIA drafts for high-risk processing, linked to your data inventory (Workspace).
- Per-request deadline tracking
- Structured DPIA drafts (Art. 35–oriented)
- Linked to data inventory & vendor register
- Audit trail for regulator review
One programme · two connected surfaces
From first signal to audit-ready proof
Privacy Review and the Privacy Operations Workspace are built to work as a single arc: fast, browser-based diagnostics on this site feed the same record of processing, compliance posture, and remediation you run in the Workspace—so you are never choosing between “a checklist” and “the system of record.” Coverage spans GDPR, UK GDPR, CCPA/CPRA, HIPAA, FERPA, NIS2, NIST Privacy Framework, EU AI Act, ISO 27701, U.S. state privacy laws, and Maryland MODPA where it applies.
Steps 1–2 · Front door to the programme
Privacy Review
Use this site to sense-check posture before you commit work to the team: cross-framework snapshots, structured readiness reviews, MODPA paths, and risk radar views that translate law and enforcement context into priorities you can act on.
No signup is required for many checks. When you move into the Workspace, you bring those findings into diagnostics and remediation—so scores and gaps are not stranded in a one-off PDF.
- PrivacyPosture™ Dashboard Executive-style posture snapshot across the frameworks you care about.
- Privacy Exposure Check Deep, framework-aligned exposure pass (e.g. GDPR, CCPA, NIST PF)—runs locally in your browser.
- Privacy Risk Radar Prioritize themes with enforcement and regulatory context—not a flat heat map.
- All regulatory readiness reviews GDPR, CCPA/CPRA, HIPAA, FERPA, NIS2, CSRB (UK), and more—in one catalogue.
- Maryland MODPA tools Applicability screener plus business and education reviews when MODPA applies.
Steps 2–4 · System of record
Privacy Operations Workspace
Operate, remediate, and evidence—in one place
The Workspace is where Privacy Review outputs become durable operations: a living RoPA, linked vendors and systems, tracked obligations, DSAR and DPIA workflows, and a remediation line that closes gaps with owners, due dates, and proof.
Re-run reviews on this site whenever the law or your stack shifts; the Workspace keeps one timeline and one evidence trail so audits and board updates reference the same programme—not a patchwork of spreadsheets.
- Processing activities register & data flows Authoritative map of how personal data moves—from collection through sharing and retention.
- Compliance framework tracker One pane for GDPR, UK GDPR, CCPA/CPRA, HIPAA, FERPA, NIS2, state laws, and the frameworks you enable.
- Assessments & data subject requests DPIAs, intake, and DSAR handling with SLAs—fed by the same diagnostics story as Privacy Review.
- Remediation roadmap with owners and evidence Priorities, assignments, and attachments so “fixed” is demonstrable under scrutiny.
- Board and regulator reports Exports and briefs that roll up to the same registers and completed work—not a parallel narrative.
Continuous loop. Run Privacy Review whenever you need a fresh read; the Privacy Operations Workspace is where that read turns into registers, tasks, and audit-ready proof—without re-keying or reconciling two “versions of the truth.”
How It Works · PrivacyPosture™ Dashboard · Privacy Risk Radar · All reviews
View pricing