Any organisation that collects or processes data of individuals located within the EU is required to comply with GDPR, regardless of the location of its physical headquarters. In order to comply with GDPR, organisations must obtain informed consent from individuals to process their data for one or more purposes.

What it means for your organisation

GDPR requires organisations to establish a privacy policy, an up to date and detailed list of the personal data processing which it is undertaking, and procedures to ensure that the rights granted by GDPR to individuals over their data are respected.

Data protection impact assessment (DPIA)

Determine where and why personal data is being processed, who has access to it (incl. third parties), any protections in place, and when you plan to erase it.

Data protection by design

Implement data protection measures in line with the of nature and extent of the personal data processing. Establish a Data Processing Register to keep track.

Implement privacy processes

People have the right to see which data you have, how you are using it, and why you are keeping it. They may request you to remove it or restrict access.
Tidal Framework image

Be GDPR compliant with Tidal Control

Tidal GDPR content library

Predefined GDPR controls mapped to all other frameworks. Controls have test guidance, prefilled control labels, and suggested evidence.

Data Protection Impact Assessment

Perform data protection impact assessments directly in Tidal, and find out which Assets are relevant for your GDPR controls.

Monitor GDPR compliance

One place to keep track of - and report on - privacy measures taken, data processing, third party agreements, and GDPR user requests.

Privacy expert support

Implementing GDPR has legal, process, and technology angles. Our privacy experts will help you deliver everything you need in one go.

Automated evidence collection

Collect data from your IT assets automatically and attach it to the right control activity. Receive an alert when new gaps are identified.

Trust reporting

Demonstrate compliance with Data Processing Agreements directly from Tidal, to increase trust and shorten due diligence and contracting.