Data protection platform

Request a Demo

redflare . gdpr

Designed by Certified Data Protection Officers, red flare GDPR allows an organisation to demonstrate compliance with EU General Data Protection Regulations, manage data incidents and deal with data subject requests.

GDPR project planning

A pre-populated self assessment compliance plan can help your organisation identify any privacy concerns or deficiencies in personal data processing. Through simple red, amber, green traffic light reporting, you can identify the priorities for becoming fully GDPR compliant.

Data processing records

Identify the personal data you collect, store and process, align the data with business flows and comply with the principle of data minimisation by ensuring that only relevant information is collected and subsequently processed in line with the data subjects expectations and understanding.

Record the legal basis for each data element, and ensure access to personal data by both internal teams and external partners is appropriate and necessary.

red flare will automatically flag concerns for high volume, high risk, cross border or third party processing. Record the justifications and mitigating measures against each concern to demonstrate to a supervisory authority that your organisation’s culture is one of privacy by design.

Subject Access Requests (SARs)

Manage Subject Access Requests with red flare’s standard workflow of :

  1. Receipt of request via manual recording or through our published API
  2. Verification of data subject, scoping of request and assignment to internal owner
  3. Collection and collation of relevant personal data
  4. Review by Data Protection Officer and document decision to release, summarise, restrict or exclude data sets
  5. Release of data to data subject via secure online portal

The statutory timeline including any negotiated extensions due to complexity or volume are monitored by the system, with an amber alert raised where completion of request may fall outside the mandatory deadlines.

Benefits

Securely hosted and backed up in the cloud

Simple browser based navigation

Easy to use and fully functional

Comprehensive reporting

Role based access controls

Traffic light dashboards provide clarity

Track, tag and flag – Monitor and follow up issues

Completely paperless environment

Fully integrate privacy risks within your organisation’s enterprise risk processes and systems

Functionality

Privacy risk register

Ensure privacy risks identified during a project’s Privacy Impact Assessment scoping exercise are properly managed deployed into business as usual processes on project completion with the red flare privacy risk register fully integrated into your organisation’s enterprise risk management processes.

Demonstrable compliance

Maintain ongoing compliance with General Data Protection Regulations from Chapters 3 (data subject rights), 4 (controller and processor responsibilities) and 5 (transfer of data to third parties) with the pre-configured GDPR compliance plan.

Data processor due diligence

Verify personal data is adequately protected across your value chain with red flare’s vendor management due diligence and contract management modules. Ensure that contracts are up to date and include all necessary data protection clauses, and that external data processors understand and properly manage any personal data they process on your behalf.

Data processing records

Privacy Impact Assessment

Data processor management

Incident reporting

Subject Access Request

Software register

Backup logs

red flare’s data incident register facilitates breach review, breach history and breach mitigation. The traffic light dashboard allows management to quickly determine where resources are most needed, and to ensure that allocated resources are deployed effectively.

Managing data incidents

A full register of data incidents is maintained, allowing the DPO and members of the management team access to the current status of data incidents, when they were reported to the regulator, what steps have been taken to mitigate harm, what remediation steps are still outstanding.

Historical incidents, their causes and the remediation plans deployed are maintained, enabling lessons learned analysis and cold reviews to identify failings that require a systemic approach.

A complete audit trail of all actions taken is maintained, which can be used to demonstrate to the supervisory authority that all necessary steps were taken, and performed within good time.

Contact red flare to arrange a demo

Arrange a Demo