{"id":14517,"date":"2020-07-26T20:23:56","date_gmt":"2020-07-26T17:23:56","guid":{"rendered":"https:\/\/www.proya.com.tr\/?page_id=14517"},"modified":"2020-08-12T08:06:39","modified_gmt":"2020-08-12T05:06:39","slug":"hopex-privacy-management","status":"publish","type":"page","link":"https:\/\/www.proya.com.tr\/en\/hopex-privacy-management\/","title":{"rendered":"HOPEX Privacy Management"},"content":{"rendered":"

[vc_row css=”.vc_custom_1595629074396{padding-left: 5% !important;background-image: url(https:\/\/www.proya.com.tr\/wp-content\/uploads\/2020\/07\/hopex-1.jpg?id=13648) !important;}”][vc_column css=”.vc_custom_1474490360423{padding-right: 9% !important;}”][vc_empty_space height=”30px”][vc_column_text]<\/p>\n

HOPEX Privacy Management<\/span><\/h3>\n

[\/vc_column_text][vc_column_text]<\/p>\n

Achieve and demonstrate Data Protection Compliance <\/span><\/h5>\n

[\/vc_column_text][vc_empty_space height=”40px”][\/vc_column][\/vc_row][vc_row enable_top_separator=”true” top_separator_style=”slope-right” top_separator_color=”#e6e4e4″][vc_column][\/vc_column][\/vc_row][vc_row][vc_column width=”2\/3″ css=”.vc_custom_1476279052293{padding-right: 10% !important;padding-left: 10% !important;}”]

\n\t

\n\t\tHOPEX Privacy Management\t<\/h2>\n<\/div>[vc_empty_space height=”20px”][vc_row_inner][vc_column_inner width=”1\/2″][vc_single_image image=”14858″ img_size=”full” alignment=”center”][\/vc_column_inner][vc_column_inner width=”1\/2″][vc_column_text]<\/p>\n

Data Protection <\/span>Summary<\/h4>\n

[\/vc_column_text][vc_column_text]<\/p>\n

    \n
  • EU GDPR has increased data protection for individuals and given regulatory authorities greater powers to take action against businesses that breach the new laws.<\/li>\n
  • Following the European example, all countries around the globe (e.g. California with CCPA, South America, Asia) are updating their privacy regulations.<\/li>\n
  • Among the points in common between these legislations there are:\n
      \n
    • powerful rights<\/strong> to data subjetct,<\/li>\n
    • large sanctions<\/strong> in case of non compliance.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n

      [\/vc_column_text][\/vc_column_inner][\/vc_row_inner][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

      Software + Experience =<\/span> Solution<\/h4>\n

      [\/vc_column_text][vc_empty_space height=”30px”][vc_row_inner][vc_column_inner width=”1\/4″][vc_single_image image=”14864″ img_size=”full” alignment=”center”][vc_column_text]<\/p>\n

        \n
      • Founded in 1991<\/li>\n
      • Software Solutions<\/li>\n
      • Global Services<\/li>\n
      • Help Drive Digital Transformation<\/li>\n
      • Present in 40 Countries<\/li>\n
      • 9 Subsidiaries\u00a0 & 100 partners worldwide<\/li>\n<\/ul>\n

        [\/vc_column_text][\/vc_column_inner][vc_column_inner width=”1\/2″][vc_single_image image=”14865″ img_size=”full” alignment=”center”][\/vc_column_inner][vc_column_inner width=”1\/4″][vc_single_image image=”14863″ img_size=”full” alignment=”center”][vc_empty_space height=”30px”][vc_column_text]<\/p>\n

          \n
        • Founded in 1997<\/li>\n
        • Consulting Services and Data Protection Experts<\/li>\n
        • Drive Business Corporate Governance<\/li>\n
        • Quality Certified ISO 9001: 2008<\/li>\n<\/ul>\n

          [\/vc_column_text][\/vc_column_inner][\/vc_row_inner][vc_empty_space height=”70px”][vc_row_inner][vc_column_inner width=”1\/2″][vc_single_image image=”14859″ img_size=”full” alignment=”center”][\/vc_column_inner][vc_column_inner width=”1\/2″][vc_column_text]<\/p>\n

          HOPEX Privacy Management <\/span>Benefits<\/h4>\n

          [\/vc_column_text][vc_column_text]<\/p>\n

            \n
          • Manage compliance efforts from a collaborative workspace and centralized repository<\/li>\n
          • Inform and accelerate remediation activities with up-to -date regulatory details and legal templates<\/li>\n
          • Documents and demonstrate compliance with a full range of reports designed for the Supervisory Authority<\/li>\n
          • Maintain control over protection with Data Protection Impact Assessments<\/li>\n
          • Influence data protection by design efforts and know when to assess new and evolving processing activities<\/li>\n<\/ul>\n

            [\/vc_column_text][\/vc_column_inner][\/vc_row_inner][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

            HOPEX Privacy Management<\/span> \u2013 Main Features<\/h4>\n

            [\/vc_column_text][vc_empty_space height=”30px”][vc_single_image image=”14521″ img_size=”full” alignment=”center”][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

            HOPEX Privacy Management<\/span> \u2013 Assign Responsibilities<\/h4>\n

            [\/vc_column_text][vc_empty_space height=”30px”][vc_row_inner][vc_column_inner width=”1\/4″][vc_single_image image=”14860″ img_size=”full” alignment=”center”][\/vc_column_inner][vc_column_inner width=”3\/4″][vc_column_text]<\/p>\n

            HOPEX Privacy Management <\/span>Benefits<\/h4>\n

            [\/vc_column_text][vc_column_text]HOPEX Privacy Management gives you the tools necessary to manage your stakeholders:<\/p>\n

              \n
            • Create and manage your own Privacy team using 7 different roles<\/li>\n
            • Document your company organizational model<\/li>\n
            • Scale your team to your organization’s legal structure, departments<\/li>\n
            • Delegate Processing Activities to the relevant deputy DPOs<\/li>\n
            • Identify the different data protection roles such as Data Controllers, Processors and National Representatives<\/li>\n
            • For each Processing Activity, assign the right Activity Owner and Application Owner who are expected to describe processing activities and their relevant Applications.<\/li>\n<\/ul>\n

              [\/vc_column_text][\/vc_column_inner][\/vc_row_inner][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

              Assign Responsibilities Features<\/span><\/h4>\n

              [\/vc_column_text][vc_column_text]Chief Privacy Officers can build their organization with Legal Entities, Sites & Departments. [\/vc_column_text][vc_empty_space height=”30px”][vc_row_inner][vc_column_inner width=”1\/2″][vc_column_text]<\/p>\n

                \n
              • Legal Entities are located on specific Sites<\/strong><\/li>\n<\/ul>\n

                [\/vc_column_text][vc_empty_space height=”20px”][vc_single_image image=”14861″ img_size=”full” alignment=”center”][\/vc_column_inner][vc_column_inner width=”1\/2″][vc_column_text]<\/p>\n

                  \n
                • Departments are part of a Legal Entitiy<\/strong><\/li>\n<\/ul>\n

                  [\/vc_column_text][vc_empty_space height=”20px”][vc_single_image image=”14862″ img_size=”full” alignment=”center”][\/vc_column_inner][\/vc_row_inner][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

                  Assign Responsibilities Features<\/span><\/h4>\n

                  [\/vc_column_text][vc_empty_space height=”30px”][vc_row_inner][vc_column_inner width=”1\/2″][vc_column_text]<\/p>\n

                    \n
                  • The Chief Privacy Officer can detail the organigram of the organization, to build a complex hierarchy, with several nested levels of legal entities amd departments<\/li>\n
                  • The organization will be able to create its own roles and functions to describe the different responsibilities<\/li>\n
                  • Based on the organigram, the user can define the visibility rights of the different roles with the desired level of granularity, e.g. a member of the data protection team may have access only to the processings of a specific legal entity or department\/sub-department<\/li>\n<\/ul>\n

                    [\/vc_column_text][\/vc_column_inner][vc_column_inner width=”1\/2″][vc_single_image image=”14866″ img_size=”full” alignment=”center”][\/vc_column_inner][\/vc_row_inner][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

                    Assign Responsibilities Features<\/span><\/h4>\n

                    [\/vc_column_text][vc_column_text]<\/p>\n

                      \n
                    • Chief Privacy Officers can assign a DPO to a Legal Entity and a deputy DPO for each Department.<\/li>\n
                    • A department can also have an IT correspondent for privacy related requests.<\/li>\n<\/ul>\n

                      [\/vc_column_text][vc_empty_space height=”30px”][vc_single_image image=”14535″ img_size=”full” alignment=”center”][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

                      HOPEX Privacy Management<\/span> \u2013 Record of Processing Activities<\/h4>\n

                      [\/vc_column_text][vc_empty_space height=”30px”][vc_row_inner][vc_column_inner width=”1\/4″][vc_single_image image=”14921″ img_size=”full” alignment=”center”][\/vc_column_inner][vc_column_inner width=”3\/4″][vc_column_text]HOPEX Privacy Management enables DPOs ana Data Controllers to quickly build and maintain an accurate record of processing activities:<\/p>\n

                        \n
                      • Create processing activities<\/li>\n
                      • Identify already existing processes & applications handling personal data categories and convert them into processing activities*<\/li>\n
                      • Add Data Protection relevant information to your processing activity (purpose, legitimacy, assignments…)<\/li>\n<\/ul>\n

                        [\/vc_column_text][\/vc_column_inner][\/vc_row_inner][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

                        Processing Activities Features<\/span><\/strong><\/h4>\n

                        [\/vc_column_text][vc_column_text]DPOs can manually create Processing Activities and specify which Department they are performed by.<\/p>\n

                        New Processing Activities will be assigned to the relevant DPO and DPO deputy as specified in Assign Responsibilities.[\/vc_column_text][vc_empty_space height=”30px”][vc_single_image image=”14533″ img_size=”full” alignment=”center”][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

                        Processing Activities Features<\/span><\/strong><\/h4>\n

                        [\/vc_column_text][vc_column_text]DPOs can export the record of processing, choosing what legal entity they are interested in and if the record applies to the data controller or the data processor.[\/vc_column_text][vc_empty_space height=”30px”][vc_single_image image=”14532″ img_size=”full” alignment=”center”][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

                        Processing Activities Features<\/span><\/strong><\/h4>\n

                        [\/vc_column_text][vc_column_text]DPOs can identify already existing processes* handling personal data categories and convert them into processing activities with a single drag and drop action.<\/p>\n

                        Diagrams describing processes can be consulted prior to converting process into processing activity.[\/vc_column_text][vc_empty_space height=”30px”][vc_single_image image=”14531″ img_size=”full” alignment=”center”][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

                        Processing Activities Features<\/span><\/strong><\/h4>\n

                        [\/vc_column_text][vc_column_text]DPOs can identify already existing applications* handling personal data categories and convert them into processing activities with a single drag and drop action.[\/vc_column_text][vc_empty_space height=”30px”][vc_single_image image=”14529″ img_size=”full” alignment=”center”][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

                        Processing Activities Features<\/span><\/strong><\/h4>\n

                        [\/vc_column_text][vc_empty_space height=”30px”][vc_row_inner][vc_column_inner width=”2\/3″][vc_column_text]<\/p>\n

                          \n
                        • DPOs can follow the validation of newly created activities, through pre-defined workflows<\/li>\n
                        • Automatically notify activity owners to get them to complete the description of a processing activity<\/li>\n
                        • Validate the provided information and carry out a pre-evaluation and DPIA<\/li>\n<\/ul>\n

                          [\/vc_column_text][\/vc_column_inner][vc_column_inner width=”1\/3″][vc_single_image image=”14870″ img_size=”full” alignment=”center”][\/vc_column_inner][\/vc_row_inner][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

                          Processing Activities Features<\/span><\/strong><\/h4>\n

                          [\/vc_column_text][vc_column_text]<\/p>\n

                            \n
                          • DPOs can specify the level of responsibility of the Legal Entity (Data Controller, Processor or Joint Controller) regarding the processing activity.<\/li>\n
                          • The processing activity owner can inform the legal basis for the processing.<\/li>\n
                          • Data\u00a0Controllers\u00a0can\u00a0also\u00a0rate the Legal Basis Compliance\u00a0level.<\/li>\n<\/ul>\n

                            [\/vc_column_text][vc_empty_space height=”30px”][vc_single_image image=”14528″ img_size=”full” alignment=”center”][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

                            Processing Activities Features<\/span><\/strong><\/h4>\n

                            [\/vc_column_text][vc_empty_space height=”30px”][vc_row_inner][vc_column_inner width=”1\/2″][vc_column_text]<\/p>\n

                              \n
                            • Data Controllers are able to specify which security measures are put in place to ensure processing activities are carried out safely.<\/li>\n
                            • Data Controllers can also rate Compliance of Data Transfers & Security Measures at this stage.<\/li>\n<\/ul>\n

                              [\/vc_column_text][\/vc_column_inner][vc_column_inner width=”1\/2″][vc_single_image image=”14907″ img_size=”full” alignment=”center”][\/vc_column_inner][\/vc_row_inner][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

                              Processing Activities Features<\/span><\/h4>\n

                              [\/vc_column_text][vc_empty_space height=”30px”][vc_row_inner][vc_column_inner width=”1\/2″][vc_column_text]<\/p>\n

                                \n
                              • Data Controllers are able to specify which Data Subject Rights apply to their processing activities, along with the type of notice and consent requirement.<\/li>\n
                              • Data Controllers can also rate the Data Subject Rights & Notice Management Compliance Level.<\/li>\n<\/ul>\n

                                [\/vc_column_text][\/vc_column_inner][vc_column_inner width=”1\/2″][vc_single_image image=”14922″ img_size=”full” alignment=”center”][\/vc_column_inner][\/vc_row_inner][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

                                Processing Activities Features<\/span><\/h4>\n

                                [\/vc_column_text][vc_empty_space height=”30px”][vc_row_inner][vc_column_inner width=”1\/2″][vc_column_text]Data Controllers are able to rate the degree of minimization of specific data handled by processing activities.[\/vc_column_text][\/vc_column_inner][vc_column_inner width=”1\/2″][vc_single_image image=”14874″ img_size=”full” alignment=”center”][\/vc_column_inner][\/vc_row_inner][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

                                HOPEX Privacy Management<\/span> \u2013 Manage Processing Activities<\/h4>\n

                                [\/vc_column_text][vc_empty_space height=”30px”][vc_row_inner][vc_column_inner width=”1\/6″][vc_single_image image=”14908″ img_size=”full” alignment=”center”][\/vc_column_inner][vc_column_inner width=”5\/6″][vc_column_text]Data Controllers can further describe processing activities with:<\/p>\n

                                  \n
                                • coverage by national representatives<\/li>\n
                                • third parties performing the processing and set contractual agreements with them<\/li>\n
                                • comparison of countries (where the processing takes place vs where the data was collected) and implementation of the necessary measures (data protection, DPIA, risk evaluation).<\/li>\n<\/ul>\n

                                  [\/vc_column_text][\/vc_column_inner][\/vc_row_inner][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

                                  National Representatives Features <\/span><\/h4>\n

                                  [\/vc_column_text][vc_column_text]<\/p>\n

                                    \n
                                  • DPOs can specify National Representatives for each Legal Entity. Countries covered by National Representatives are defined.<\/li>\n
                                  • A National Representative coverage is then given to the Processing Activities performed by the Legal Entity (Null, Partial, Full).<\/li>\n<\/ul>\n

                                    [\/vc_column_text][vc_empty_space height=”30px”][vc_single_image image=”14539″ img_size=”full” alignment=”center”][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

                                    Third-Parties Management Features <\/span><\/h4>\n

                                    [\/vc_column_text][vc_empty_space height=”30px”][vc_row_inner][vc_column_inner width=”1\/2″][vc_column_text]DPOs can not only create but also manage Third Parties.<\/p>\n

                                      \n
                                    • Third Party Sites, along with Transfer Safeguards, can be defined.<\/li>\n
                                    • DPOs can be assigned to Third Parties<\/li>\n
                                    • National Representatives can also be assigned<\/li>\n
                                    • Contractual Agreements can be uploaded<\/li>\n<\/ul>\n

                                      [\/vc_column_text][vc_empty_space height=”20px”][vc_single_image image=”14876″ img_size=”full” alignment=”center”][\/vc_column_inner][vc_column_inner width=”1\/2″][vc_single_image image=”14877″ img_size=”full” alignment=”center”][\/vc_column_inner][\/vc_row_inner][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

                                      Third-Parties Management Features <\/span><\/h4>\n

                                      [\/vc_column_text][vc_empty_space height=”30px”][vc_row_inner][vc_column_inner width=”1\/2″][vc_column_text]<\/p>\n

                                        \n
                                      • DPOs and Data Controllers can, for Processing Activities, specify which Third Party is taking in the form of a sub-processing.<\/li>\n<\/ul>\n

                                        [\/vc_column_text][vc_empty_space height=”20px”][\/vc_column_inner][vc_column_inner width=”1\/2″][vc_column_text]A Third Parties Report provides an overview of the Processing Activities that Third Parties are participating, along with the Risks they present and their Compliance Level.[\/vc_column_text][vc_empty_space height=”20px”][\/vc_column_inner][\/vc_row_inner][vc_single_image image=”14878″ img_size=”full” alignment=”center”][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

                                        Data Transfer Management Features<\/span><\/h4>\n

                                        [\/vc_column_text][vc_column_text]DPOs and Data Controllers can capture Data Transfers performed by a processing activity. These data transfers can then be represented on a Data Transfer Map.[\/vc_column_text][vc_empty_space height=”30px”][vc_single_image image=”14546″ img_size=”full” alignment=”center”][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

                                        HOPEX Privacy Management<\/span> \u2013 Manage Data Breaches<\/h4>\n

                                        [\/vc_column_text][vc_empty_space height=”30px”][vc_row_inner][vc_column_inner width=”1\/6″][vc_single_image image=”14910″ img_size=”full” alignment=”center”][\/vc_column_inner][vc_column_inner width=”5\/6″][vc_column_text]Record all potential data breaches allowing internal staff to report incidents through an ad hoc web form. Data Controllers can:<\/p>\n

                                          \n
                                        • Collect all the information required by the regulation and build a detailed record of data breaches<\/li>\n
                                        • Assess the seriousness of every breach and take action within 72 hours:\n
                                            \n
                                          • implementing remediation measures<\/li>\n
                                          • identifying impacted people and potentially notifying supervisory authorities and data subjects.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n

                                            [\/vc_column_text][\/vc_column_inner][\/vc_row_inner][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

                                            Data Breaches Management Features<\/span><\/h4>\n

                                            [\/vc_column_text][vc_empty_space height=”30px”][vc_row_inner][vc_column_inner width=”1\/2″][vc_column_text]<\/p>\n

                                              \n
                                            • Stakeholders can report Data Breaches, without needing to log into HOPEX Privacy Management.<\/li>\n<\/ul>\n

                                              [\/vc_column_text][vc_empty_space height=”20px”][\/vc_column_inner][vc_column_inner width=”1\/2″][vc_column_text]<\/p>\n

                                                \n
                                              • DPOs can then assess Data Breaches and keep track of notifications sent to Data Subject and supervisory authorities.<\/li>\n<\/ul>\n

                                                [\/vc_column_text][vc_empty_space height=”20px”][\/vc_column_inner][\/vc_row_inner][vc_single_image image=”14881″ img_size=”full” alignment=”center”][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

                                                HOPEX Privacy Management<\/span> \u2013 Manage Data Subject Requests<\/h4>\n

                                                [\/vc_column_text][vc_empty_space height=”30px”][vc_row_inner][vc_column_inner width=”1\/6″][vc_single_image image=”14911″ img_size=”full” alignment=”center”][\/vc_column_inner][vc_column_inner width=”5\/6″][vc_column_text]HOPEX Privacy Management helps Data Controllers with Data Subject Requests management. Within a dedicated section, Controllers can:<\/p>\n

                                                  \n
                                                • Collect request<\/li>\n
                                                • Categorize them by type and monitor their status<\/li>\n
                                                • Assign every request to impacted legal entities, departments and processing activities<\/li>\n
                                                • Receive reminders when deadline approaches<\/li>\n<\/ul>\n

                                                  [\/vc_column_text][\/vc_column_inner][\/vc_row_inner][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

                                                  Data Subject Requests Management Features<\/span><\/h4>\n

                                                  [\/vc_column_text][vc_column_text]Data Controllers can keep a log of all Data Subject Requests and monitor their progress.[\/vc_column_text][vc_empty_space height=”30px”][vc_single_image image=”14544″ img_size=”full” alignment=”center”][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

                                                  HOPEX Privacy Management<\/span> \u2013 Pre-assessment of Processing Activities<\/h4>\n

                                                  [\/vc_column_text][vc_empty_space height=”30px”][vc_row_inner][vc_column_inner width=”1\/6″][vc_single_image image=”14912″ img_size=”full” alignment=”center”][\/vc_column_inner][vc_column_inner width=”5\/6″][vc_column_text]HOPEX Privacy Management enables DPOs to:<\/p>\n

                                                    \n
                                                  • Assess risk ad compliance level of every processing activity<\/li>\n
                                                  • Review and Comment on latest DPIA in progress<\/li>\n<\/ul>\n

                                                    [\/vc_column_text][\/vc_column_inner][\/vc_row_inner][vc_empty_space height=”70px”][vc_row_inner][vc_column_inner content_preset=”_preset_3″][vc_column_text]<\/p>\n

                                                    Pre-Assessment Features <\/span><\/h4>\n

                                                    [\/vc_column_text][vc_column_text]<\/p>\n

                                                      \n
                                                    • DPOs are able to assess overall level of risk and compliance of processing activities. Reminders of previous compliance ratings<\/strong> given by the Data Controller responsible for the processing activity are provided at this stage.<\/li>\n
                                                    • This is where the DPO determines if a DPIA is required or not.<\/li>\n
                                                    • Pre-assessments can be recorded for future analysis of the evolution of the processing activity\u2019s compliance and risk levels.<\/li>\n<\/ul>\n

                                                      [\/vc_column_text][vc_empty_space height=”30px”][vc_single_image image=”14548″ img_size=”full” alignment=”center”][vc_empty_space height=”70px”][\/vc_column_inner][\/vc_row_inner][vc_row_inner][vc_column_inner content_preset=”_preset_3″][vc_column_text]<\/p>\n

                                                      Advise on DPIA Features <\/span><\/h4>\n

                                                      [\/vc_column_text][vc_column_text]DPOs can review and add comments to DPIAs. They can also finalize or discard each DPIA.[\/vc_column_text][vc_empty_space height=”30px”][vc_single_image image=”14550″ img_size=”full” alignment=”center”][vc_empty_space height=”70px”][\/vc_column_inner][\/vc_row_inner][vc_column_text]<\/p>\n

                                                      HOPEX Privacy Management<\/span> \u2013 Data Protection Impact Assessments<\/h4>\n

                                                      [\/vc_column_text][vc_empty_space height=”30px”][vc_row_inner][vc_column_inner width=”1\/6″][vc_single_image image=”14914″ img_size=”full” alignment=”center”][\/vc_column_inner][vc_column_inner width=”5\/6″][vc_column_text]HOPEX Privacy Management enables Data Controllers to carry out a Data Protection Impact Assessment:<\/p>\n

                                                        \n
                                                      • Identify processing activities requiring a DPIA<\/li>\n
                                                      • Launch a DPIA, identify data protection risks and provide recommendations<\/li>\n
                                                      • Produce detailed reports to prove accountability to the supervisory authority<\/li>\n<\/ul>\n

                                                        [\/vc_column_text][\/vc_column_inner][\/vc_row_inner][vc_empty_space height=”30px”][vc_row_inner][vc_column_inner width=”5\/6″][vc_column_text]DPOs also get the opportunity to:<\/p>\n

                                                          \n
                                                        • Review the Risks identified during DPIAs<\/li>\n
                                                        • Validate Recommendations<\/li>\n
                                                        • Receive Notifications of DPIA awaiting validation (available in Update 4)<\/li>\n<\/ul>\n

                                                          [\/vc_column_text][\/vc_column_inner][vc_column_inner width=”1\/6″][vc_single_image image=”14915″ img_size=”full” alignment=”center”][\/vc_column_inner][\/vc_row_inner][vc_row_inner][vc_column_inner content_preset=”_preset_3″][vc_empty_space height=”70px”][\/vc_column_inner][\/vc_row_inner][vc_row_inner][vc_column_inner content_preset=”_preset_3″][vc_column_text]<\/p>\n

                                                          DPIA Features<\/span><\/h4>\n

                                                          [\/vc_column_text][vc_column_text]Data Controllers can identify at a glance the processing activities requiring a DPIA.[\/vc_column_text][vc_empty_space height=”30px”][vc_single_image image=”14559″ img_size=”full” alignment=”center”][vc_empty_space height=”70px”][\/vc_column_inner][\/vc_row_inner][vc_row_inner][vc_column_inner content_preset=”_preset_3″][vc_column_text]<\/p>\n

                                                          DPIA Features<\/span><\/h4>\n

                                                          [\/vc_column_text][\/vc_column_inner][\/vc_row_inner][vc_row_inner][vc_column_inner width=”1\/2″][vc_column_text]<\/p>\n

                                                            \n
                                                          • Data Controllers can start a new DPIA or clone a previous one.<\/li>\n
                                                          • Previous DPIAs can also a consulted.<\/li>\n<\/ul>\n

                                                            [\/vc_column_text][vc_empty_space height=”20px”][\/vc_column_inner][vc_column_inner width=”1\/2″][vc_column_text]<\/p>\n

                                                              \n
                                                            • Data Controllers are reminded of the pre-assessment measures given to the processing activity by the DPO.<\/li>\n<\/ul>\n

                                                              [\/vc_column_text][vc_empty_space height=”20px”][\/vc_column_inner][\/vc_row_inner][vc_single_image image=”14887″ img_size=”full” alignment=”center”][vc_empty_space height=”70px”][vc_column_text]<\/p>\n

                                                              DPIA Features<\/span><\/h4>\n

                                                              [\/vc_column_text][vc_row_inner][vc_column_inner width=”1\/2″ content_preset=”_preset_3″][vc_column_text]Data Controllers can create Data Protection risks represented by the processing activity. There are 5 types of Data Protection Risks:<\/p>\n

                                                                \n
                                                              • Illegitimate Access<\/li>\n
                                                              • Data Loss<\/li>\n
                                                              • Data Corruption<\/li>\n
                                                              • Daa Unavailability<\/li>\n
                                                              • Unlawful Processing<\/li>\n<\/ul>\n

                                                                [\/vc_column_text][vc_empty_space height=”20px”][\/vc_column_inner][vc_column_inner width=”1\/2″][vc_column_text]<\/p>\n

                                                                  \n
                                                                • Each Risk is assessed in terms of Impact and Likelihood.<\/li>\n
                                                                • Once Risks are assessed, Data Controllers can issue Recommendations with the aim to reduce the level of a specific data protection Risk.<\/li>\n<\/ul>\n

                                                                  [\/vc_column_text][vc_empty_space height=”20px”][\/vc_column_inner][\/vc_row_inner][vc_single_image image=”14888″ img_size=”full” alignment=”center”][vc_empty_space height=”70px”][vc_row_inner][vc_column_inner content_preset=”_preset_3″][vc_column_text]<\/p>\n

                                                                  DPIA Features<\/span><\/h4>\n

                                                                  [\/vc_column_text][vc_column_text]Controllers can attach external files as evidence supporting their DPIA.[\/vc_column_text][vc_empty_space height=”30px”][vc_single_image image=”14557″ img_size=”full” alignment=”center”][vc_empty_space height=”70px”][\/vc_column_inner][\/vc_row_inner][vc_row_inner][vc_column_inner content_preset=”_preset_3″][vc_column_text]<\/p>\n

                                                                  DPIA Features<\/span><\/h4>\n

                                                                  [\/vc_column_text][vc_column_text]Data Controllers then get to pass a final judgement on the Processing Activity by setting a Final Compliance Level, a Final Risk Level and pronounce him\/herself on the Subsequent Actions to be taken.[\/vc_column_text][vc_empty_space height=”30px”][vc_single_image image=”14555″ img_size=”full” alignment=”center”][vc_empty_space height=”70px”][\/vc_column_inner][\/vc_row_inner][vc_row_inner][vc_column_inner content_preset=”_preset_3″][vc_column_text]<\/p>\n

                                                                  DPIA Features<\/span><\/h4>\n

                                                                  [\/vc_column_text][vc_column_text]Data Controllers can generate a DPIA document containing the regulatory texts, background information on the Processing Activity and results of the DPIA. This document can then be modified if necessary before it is submitted to the authority.[\/vc_column_text][vc_empty_space height=”30px”][vc_single_image image=”14553″ img_size=”full” alignment=”center”][vc_empty_space height=”70px”][\/vc_column_inner][\/vc_row_inner][vc_row_inner][vc_column_inner content_preset=”_preset_3″][vc_column_text]<\/p>\n

                                                                  DPIA Features<\/span><\/h4>\n

                                                                  [\/vc_column_text][vc_column_text]DPOs can review the Risks identified during DPIAs.[\/vc_column_text][vc_empty_space height=”30px”][vc_single_image image=”14554″ img_size=”full” alignment=”center”][vc_empty_space height=”70px”][\/vc_column_inner][\/vc_row_inner][vc_row_inner][vc_column_inner content_preset=”_preset_3″][vc_column_text]<\/p>\n

                                                                  DPIA Features<\/span><\/h4>\n

                                                                  [\/vc_column_text][vc_column_text]Company Policies can also be attached to a DPIA for future reference. Enterprise Architects can use both Recommendations and policy documents to transform the assessed processing activity.[\/vc_column_text][vc_empty_space height=”30px”][vc_single_image image=”14552″ img_size=”full” alignment=”center”][vc_empty_space height=”70px”][\/vc_column_inner][\/vc_row_inner][vc_row_inner][vc_column_inner content_preset=”_preset_3″][vc_column_text]<\/p>\n

                                                                  DPIA Features<\/span><\/h4>\n

                                                                  [\/vc_column_text][vc_column_text]<\/p>\n

                                                                    \n
                                                                  • DPOs can review Recommendations made to mitigate a particular Data Protection Risk identified during the DPIA.<\/li>\n
                                                                  • Recommendations are validated alongside their DPIA.<\/li>\n<\/ul>\n

                                                                    [\/vc_column_text][vc_empty_space height=”30px”][vc_single_image image=”14551″ img_size=”full” alignment=”center”][vc_empty_space height=”70px”][\/vc_column_inner][\/vc_row_inner][vc_column_text]<\/p>\n

                                                                    HOPEX Privacy Management<\/span> \u2013 Inform & Advise Data Controller<\/h4>\n

                                                                    [\/vc_column_text][vc_empty_space height=”30px”][vc_row_inner][vc_column_inner width=”1\/6″ content_preset=”_preset_3″][vc_single_image image=”14890″ img_size=”full” alignment=”center”][\/vc_column_inner][vc_column_inner width=”5\/6″][vc_column_text]DPOs can use HOPEX Privacy Management to support Data Controllers in an overseeing capacity with the following reports:<\/p>\n

                                                                      \n
                                                                    • Data Risk Reports<\/li>\n
                                                                    • Data Protection Risk<\/li>\n
                                                                    • Consistency Reports<\/li>\n<\/ul>\n

                                                                      [\/vc_column_text][\/vc_column_inner][\/vc_row_inner][vc_row_inner][vc_column_inner content_preset=”_preset_3″][vc_empty_space height=”70px”][\/vc_column_inner][\/vc_row_inner][vc_row_inner][vc_column_inner content_preset=”_preset_3″][vc_column_text]<\/p>\n

                                                                      Inform & advise Features <\/span><\/h4>\n

                                                                      [\/vc_column_text][vc_column_text]Data Risk Reports provide an overview of levels of Risk and Compliance of each processing activity, organized by Data Category or by Data Subject Categories[\/vc_column_text][vc_empty_space height=”30px”][vc_single_image image=”14563″ img_size=”full” alignment=”center”][vc_empty_space height=”70px”][\/vc_column_inner][\/vc_row_inner][vc_row_inner][vc_column_inner content_preset=”_preset_3″][vc_column_text]<\/p>\n

                                                                      Inform & advise Features <\/span><\/h4>\n

                                                                      [\/vc_column_text][vc_column_text]Data Protection Risk Report provides an overview of the evolution of a Processing Activity\u2019s Data Protection risk rating throughout its many DPIAs.[\/vc_column_text][vc_empty_space height=”30px”][vc_single_image image=”14562″ img_size=”full” alignment=”center”][vc_empty_space height=”70px”][\/vc_column_inner][\/vc_row_inner][vc_row_inner][vc_column_inner content_preset=”_preset_3″][vc_column_text]<\/p>\n

                                                                      HOPEX Privacy Management<\/span> \u2013 Carry Out Audit<\/h4>\n

                                                                      [\/vc_column_text][vc_empty_space height=”30px”][\/vc_column_inner][\/vc_row_inner][vc_row_inner][vc_column_inner width=”1\/6″ content_preset=”_preset_3″][vc_single_image image=”14917″ img_size=”full” alignment=”center”][\/vc_column_inner][vc_column_inner width=”5\/6″][vc_column_text]DPOs can use HOPEX Privacy Management to audit progress of Compliance efforts as well as potential gaps with the following reports:<\/p>\n