Any organisation that collects or processes data of individuals located within the EU is required to comply with GDPR, regardless of the location of its physical headquarters. In order to comply with GDPR, organisations must obtain informed consent from individuals to process their data for one or more purposes.
What it means for your organisation
Data protection impact assessment (DPIA)
- Determine where and why personal data is being processed, who has access to it (incl. third parties), any protections in place, and when you plan to erase it.
Data protection by design
- Implement data protection measures in line with the of nature and extent of the personal data processing. Establish a Data Processing Register to keep track.
Implement privacy processes
- People have the right to see which data you have, how you are using it, and why you are keeping it. They may request you to remove it or restrict access.
Be GDPR compliant with Tidal Control
Tidal GDPR content library
- Predefined GDPR controls mapped to all other frameworks. Controls have test guidance, prefilled control labels, and suggested evidence.
Data Protection Impact Assessment
- Perform data protection impact assessments directly in Tidal, and find out which Assets are relevant for your GDPR controls.
Monitor GDPR compliance
- One place to keep track of - and report on - privacy measures taken, data processing, third party agreements, and GDPR user requests.
Privacy expert support
- Implementing GDPR has legal, process, and technology angles. Our privacy experts will help you deliver everything you need in one go.
Automated evidence collection
- Collect data from your IT assets automatically and attach it to the right control activity. Receive an alert when new gaps are identified.
- Demonstrate compliance with Data Processing Agreements directly from Tidal, to increase trust and shorten due diligence and contracting.