1. Introduction
From selecting customer categories to defining access rights, follow the instructions below to navigate through the process effortlessly.
2. Click the dropdown menu
Click the dropdown menu.
3. Choose from the list or create new
What is a Data Subject?
A data subject is any individual whose personal data is collected, stored, or processed by an organisation. Under the General Data Protection Regulation (GDPR), a data subject has specific rights regarding their personal data, including access, correction, deletion, and data portability.
Examples of Data Subjects:
- Customers purchasing goods or services
- Employees working for a company
- Website visitors whose data is tracked through cookies
- Patients receiving medical care
- Subscribers to newsletters or online services
A data subject does not have to be a customer or directly involved with an organisation; anyone whose personal data is processed qualifies. Organisations handling personal data must ensure compliance with GDPR to protect data subjects' rights.
4. Number of data subjects: Click the dropdown and select
Choose from the list or enter a custom number of subjects.
This field is not mandatory, but you can choose to set the number of persons you handle data about.
5. Number of employees who process the data: Click the dropdown and select
Choose from the list or enter a custom number of processors.
This field is not mandatory, but you can choose to set the number of persons in your organisation who have access to the data about the registered people.
6. Data source: Click the dropdown and choose from the list
From where do you retrieve the data about the data subjects? Select one or more options in this field. This field is not mandatory.
7. Security measures: Click the dropdown and select from the list or create new
Select the security measures that apply to your processing activity. You can select multiple security measures for each processing activity.
The selected measures are added to a list below the input. Here, you can mark whether each measure is implemented or not. This way, you can use the input both for already implemented measures and for planning measures that you intend to implement.
What is a Security Measure?
A security measure is any action taken to protect data, systems, and processes from unauthorised access, loss, or damage. Security measures help ensure confidentiality, integrity, and availability of data, which is essential for compliance with regulations like the GDPR.
Security measures can be divided into technical and organisational measures:
Technical Measures
These involve technology-based protections, such as:
- Encryption to protect data in transit and at rest
- Access controls like multi-factor authentication (MFA)
- Firewalls and intrusion detection systems
- Regular software updates and security patches
Organisational Measures
These involve policies, processes, and training, such as:
- Security policies defining data handling rules
- Employee training on cybersecurity and GDPR compliance
- Incident response plans for handling data breaches
- Regular audits to assess security effectiveness
A strong security strategy includes both technical and organisational measures to ensure compliance and protect sensitive data.
8. You have now finished step 2 and are ready to proceed with the next steps
Proceed by clicking “Next.”