EU Regulation 2016/679
GDPR Audit Application
Data Protection
Digitize your GDPR audits. Processing register, data subject rights, security - complete checklist, PDF report.
Free 7-Day Trial
Compliance Points
Processing Register
Inventory, purposes, legal bases, retention periods.
Data Subject Rights
Access, rectification, erasure, portability.
Security
Technical and organizational measures.
Information
Privacy notices, consent, cookies.
Processors
Contracts, guarantees, transfers.
Breaches
Notification procedure, incident register.
Features
Compliance Checklist
Structured points based on supervisory authority recommendations.
Deviations
Non-conformity identification, action plan.
Scoring
Overall compliance level assessment.
Evidence
Finding documentation.
Offline Mode
Audit without a connection.
PDF Report
Audit report with recommendations.
Frequently Asked Questions
What are the 6 fundamental principles of the GDPR (Article 5)?
Lawfulness, fairness and transparency of processing. Purpose limitation. Data minimization. Accuracy and keeping data up to date. Storage limitation. Integrity and confidentiality. The data controller must be able to demonstrate compliance with these principles (accountability principle).
When is a Data Protection Impact Assessment (DPIA) required?
Mandatory when processing is likely to result in a high risk to the rights and freedoms of individuals (Article 35). Examples: systematic profiling, large-scale processing of sensitive data, systematic monitoring of publicly accessible areas. Supervisory authorities publish lists of processing operations requiring a DPIA.
What is the role of the DPO (Data Protection Officer)?
Inform and advise the data controller, monitor internal GDPR compliance, advise on DPIAs, cooperate with the supervisory authority, serve as the point of contact for data subjects. The DPO must be independent, cannot be penalized for performing their duties, and must have sufficient resources.
What are the penalties for GDPR non-compliance?
Two levels of administrative fines: up to 10 million euros or 2% of global turnover (technical/organizational shortcomings), or up to 20 million euros or 4% of global turnover (violation of fundamental principles, data subject rights, transfers outside the EU). Supervisory authorities across Europe have issued fines reaching hundreds of millions of euros.
How to document GDPR compliance for an audit?
Maintain the processing register (Article 30), document completed impact assessments, retain proof of consent, formalize contracts with processors (Article 28), document data subject rights management procedures, maintain a data breach register, and retain privacy and security policies.