GDPR LIBRARY EU

GDPR Library EU and DPIA tool to enhance data protection investigations

When using applications or online services, personal data must be protected by the EU Data Protection Regulation (GDPR). This means it is necessary to find out how the service processes personal data and, if necessary, carry out an impact assessment (DPIA) of possible risks.

These are important but time-consuming and complex tasks. The problem when doing data protection surveys and assessments is that every organization looks for the same GDPR information on the service providers’ privacy websites, which can consist of up to dozens of sub-pages. Likewise, organizations often do laborious impact assessments themselves from the beginning or they may even not do them at all.

Benefits

In the GDPR Library, the GDPR information on applications and online services has been collected directly from the service providers for all customers. The information is kept up-to-date with periodic update surveys to service providers, and customers are notified of changes. New service providers are constantly contacted, so the GDPR library also grows cumulatively.

The DPIA tool, on the other hand, facilitates and speeds up impact assessments by bringing the service provider's GDPR information to use at the right point in the assessment and by providing model sentences. The tool enables collaboration during the evaluation process and with it, the finished DPIAs can be published to other users as anonymous templates with the idea "Make one DPIA well and share it, you will get DPIA templates shared by others to use."

Structure

The GDPR Library EU has been developed in cooperation with Finnish data protection experts. In addition, the development partners of 10 customer organizations have participated in the development of the service.

 

The database structure consists of approximately 100 questions, their answer options, and additional information provided by the service provider. The structure is updated when the GDPR regulations change, and service providers are asked to update the information they provide annually. All data fields are logged, which means that changes made to them leave a username and time stamp. Previously entered information can be found in the log history.

You can find the GDPR Library at: https://softwarelibrary.eu

Pricing outside Finland

The pricing is based on the number of employees of the entire organization in person-years (permanent + temporary):
???
The valid VAT is added to the prices. The prices are the prices of end-user organizations. Retailers, in-house companies, and other service organizations can request a separate offer>>

​

​