Iubenda Internal Privacy Management
The solution to easily document all the data processing activity within your organization
Create your record of processing activity: add processing activities from 600+ pre-made options, divide them by area, assign processors and members, document legal bases and other GDPR-required records.
Not sure what you need? Getting started guide
In order to comply with privacy laws, especially the GDPR, companies need to keep a record of how they store and use the data they collect from users. In particular, they must document in writing:
Legal basis for processing
Data transfer outside of the EU, if any
The parties that you share the data with, both inside and outside of your organization
How it works
1. Define areas
Areas are perimeters within which data processing activities are homogeneous. Examples of areas are your website, mobile app, physical stores, employees, recruiting, manufacturing facility etc.
2. Add processing activities to each area
For each area, you can add processing activities out of a list of 600+ pre-made ones. For instance, you'll add “Payroll processing” to your “employees” area, or “Google Analytics” to your “website” area.
3. Add details about each processing activities
For each processing activity, add your data retention policy, security measures, legal basis for processing etc.
Features and benefits
Easily compile your record of data processing activityEasily make your organization GDPR compliantAdd areas to granularly describe your processing activitySeamlessly integrated with all the iubenda compliance solutionsEasy to use and comes with 600+ pre-made processing activities you can add to your areasManage multiple projects with a single accountDescribe the details of your data processing activityDefine security measures for each data processing activityDefine retention policy for each data processing activityDefine all the GDPR data processing detailsAssign members to areas and to processing activitiesDefine roles for each member (Controller, Processor, member of the controller's organization, subject)Coming
Create and export reportsComing
Automated Data Protection Impact Assessment (DPIA)Coming
Generate and manage data processing agreements with processors, employees and members in generalComing
Generate and manage internal privacy documentation
Trusted by over 60,000 clients in 100+ countries
Is the IPM Tool only for companies trying to comply with the GDPR?
Even though the GDPR is a common reason to put more effort into internal privacy management, our tool is not exclusively made for application under the GDPR. It can also be used for internal privacy management in general, even by companies who do not have any users/customers within the EU.
How does the Internal Privacy Management tool work?
The IPM tool makes the complex task of managing internal privacy a simple and straightforward one. The tool lets you define specific ares of data processing, add processing activities and members involved in the processing to each area and also lets you add all necessary details related to the processing activities. This makes it simple for you to comply with requirements (including but not limited to the GDPR), and track and manage the data you collect, the purposes for collection, all parties involved, company details — including data of employees — and more.
Documentation and Guides
Part of a 360° compliance solution
A complete set of solutions to make your website or app compliant with the law, across multiple languages and legislations