A multitude of business partners have access to your company’s personal data. Are you sure they comply with the GDPR Privacy requirements? As data controller, it is your obligation to find out and make sure they do. The GAN platform makes sure you have the right process in place to manage processors’ privacy risk rating and disclosures: risk rate your processors, collect privacy disclosure forms and build automatic documentation of your processor data privacy risk management with our web based solution.

Vendor GDPR Assessment Features:

  • Automate preliminary privacy risk assessments of all processors
  • Generate and send electronic privacy disclosure forms to high risk data processors
  • Differentiate disclosure requirements or start approval escalations based on risk levels
  • Manage hundreds of privacy disclosures without hassle
  • Maintain overview and analytics of all data processors’ privacy disclosures and your company privacy risk exposure

APPLY CONSISTENT AND EFFICIENT DATA PROCESSOR ASSESSMENTS

Assess dozens of processors without losing control and apply consistent workflows across the organization regardless of who initiates the assessment.

COLLECT AND MANAGE DOCUMENTATION WITH EASE

Drop the Excel spreadsheets and manage documentation with ease by launching and storing all data privacy questionnaires in web format.

MONITOR AND CONTROL THE APPROVAL FLOW

Maintain overview over the progress of assessment and approval of all processors and implement automatic escalation routes when processors show red flags.

MAINTAIN A REPOSITORY FOR YOUR PROCESSOR GDPR PRIVACY ASSESSMENT

A single auditable log is created and the full documentation of the processor’s assessment and responses is stored automatically. 

Simple processor risk assessment

Conduct a data protection impact assessment through simple questionnaires and make a fast determination of the privacy risk level of the processor. Once submitted, the tool will launch a disclosure form or trigger escalation automatically, based on the scoring of the impact assessment.

Create web-based privacy disclosure forms

No more excel or MS Word based disclosure forms, email attachments and inconsistent documentation. Build disclosure forms in a very intuitive interface and let the platform deliver them in a web format directly into your data processor’s inbox. Create your own disclosure form or use our standard best practice ones. The platform can even deliver different disclosure forms depending on the type of data processor.

Use a risk-based approach

Scope data protection assessments by producing risk-based workflows: let the platform trigger automatically in-depth disclosure forms for processors with access to sensitive data, while applying a more lenient approach to lower risk processors.

Governance Workflows

Build approval workflows and escalation procedures that match the privacy risk assessments: Assign permission rights to the proper employees and ensure that only high risk cases are channelled to data security compliance officers.

Keep oversight of all privacy disclosures and evaluations

Tens, hundreds or thousands of processors: the platform’s filtering and reporting capabilities allow you to keep control over all approval flows. Zoom in on the progress of a single evaluation or get an overview of third parties with access to your company’s sensitive data, of regional high-risk processors, and much more.

Post-approval follow-up and mitigations

The implementation of post approval mitigation actions and monitorships is crucial when a high-risk processor is approved. Where privacy assessments show a need for ongoing mitigation efforts, you can create mitigation actions in a to-do list format allowing you to keep track of the open items. You can even assign these items to your colleagues and monitor the completion.

Real experts at your service!

We think about service a bit differently than most.  To us, we’re your colleagues in another office.  Same team, same goals.   Expect to hear from us, see us, and feel us working for you.   Request a Demo