The repository is an overview of all processing activities of personal data carried out in an organisation. The purpose of the GRC Toolbox repository is to enable companies, data subjects and supervisory authorities to quickly and easily obtain information about what personal data have been processed, for what purpose and so on.

A DPIA must be carried out when a proposed processing of personal data is likely to result in a high risk to the rights and freedoms of individuals. The GRC Toolbox DPIA is a risk assessment that should be carried out before any processing starts in order to identify and minimize potential data protection issues at an early stage. With the flexible assessment feature, the DPIA can be easily carried out as needed.

As with the DPIA, the GRC Toolbox also assists in carrying out a TIA, which is done when personal data is to be transferred to a third country or to an international organisation. A TIA serves to identify possible risks to the protection of personal data in connection with the transfer to a third country and to take appropriate protective measures.

A data breach occurs when personal data is unintentionally or unauthorizedly disclosed or lost. In this context, the GRC Toolbox helps to record and assess data protection incidents, to notify the data subjects and, if necessary, the supervisory authorities by means of incident reports and reminders, and then to determine the causes and take appropriate measures to prevent future data breaches.

Data subject requests are an important component of data subject rights as per legal requirements. Processing data subject requests with the GRC Toolbox involves identifying, verifying and providing the personal data that must be provided upon request by a data subject.

Project support in the context of data protection means that data protection and security aspects are integrated into the development process from the very beginning. The GRC Toolbox offers workflow for this purpose in order to query data protection/security risks, define measures and meet compliance requirements before a product or service is introduced.

Connect the data protection management system with other functions of the GRC Toolbox such as information security, third-party risk management, contract management, etc. This creates synergies and reduces duplication.

Improve the effectiveness and efficiency of your data protection management system. The data protection dashboard serves as a valuable tool for this, as it shows you all data protection-relevant indicators and information in a visually appealing and intuitive way.