Data Protection Management Software – Guardileo

The user is mainly guided by a deliberate allocation of mandatory input fields and the automatic display and deactivation of input fields. The input fields are structured in a way that the required entries remain comprehensible and they are arranged in a logical order. Whenever an input field is not clear by itself, it is additionally explained in simple and concise language.

The entries are based on checklists and lists of keywords as far as possible, while the possibility of free text entries is reduced to a necessary extent. The user is assisted by the appropriate phrases and keywords, which considerably simplifies the completion of the entries. In addition, the user is provided with the common terminology.

Standard processing activities are pre-filled descriptions of common business operations. Like keyword lists, they serve to simplify the documentation. Standard processing activities and keyword lists can be edited. This enables the company to define its own standards, for example for the documentation of important business processes or for the designation of processing purposes or data categories.

All prepared and filed documents are marked with a processing status, indicated by a coloured marking. The status is always visible when a document is accessed. This makes it particularly easy to determine whether the legal department or the data protection officer, for example, has already reviewed a document. When documenting processing activities, the processing progress is displayed graphically.

After the review, processing activities and data protection impact assessments can no longer be altered. If a revision becomes necessary, the documents must first be cleared by the reviewers. Following the review of the revised documents, the earlier version is archived. The date and editor are logged. All previous versions can be exported.

For an effective data protection management, the regular review of documentation is necessary. A defined resubmission can therefore be set up for processing activities and data protection impact assessments. In addition, all documents can be resubmitted. Thus the implementation of action plans , for example, can be monitored.

Group structures can be easily displayed in Guardileo. Processing activities can be documented group-wide as well as separately for individual group companies. Service providers, data protection officers and coordinators can be assigned to individual group companies.

Users can be easily registered and administered. They can be assigned different roles, such as data protection officer, data protection coordinator or employee. The roles result in different user rights, e.g. the authorisation to check documents or to approve them for changes.

In larger companies in particular, there is a need to limit access to data protection documentation according to departments or affiliated companies. The authorisation system therefore makes it possible to restrict access. Depending on the selected restriction, users can only access the contracts, processing activities, etc. that apply to their respective department or affiliated company.

We provide the Guardileo data protection management software in a German and an English version.

Guardileo‘s software and IT infrastructure is operated by intersoft consulting services AG and provided to you as a service (Software as a Service/SaaS). However, we also offer the purchase of a software license. You can rent the software and run it on your own servers (On Premises).

The Guardileo data protection software is operated exclusively on the servers of intersoft consulting services AG (or on your servers if you opt for an on premise-solution). The information security management system (ISMS) of intersoft consulting services AG is certified according to ISO/IEC 27001. Web access is TLS-secured and only accessible with a user ID and password. The password must be changed after registration and is stored in encrypted format.