Help Center
News
Help Center
News
Getting Started
Compliance Settings
Compliance SettingsCreating organizational unitsManaging audiences
IT Settings
Risk Settings
Modules
Sharing & Group functions
Assessments
Features
How-To Guides & Tips
Get Help
Release Notes

Compliance Settings

Overview

To access the compliance settings, click the gearwheel in the top right corner and select Compliance Settings. You need data protection manager or IT security manager privileges to do this.

You will see some general information on your organization on the first page. You can edit this information by clicking the Edit button. On the left side, you will see several tabs that allow you to change your compliance settings.

Companies

The Companies tab shows all your companies registered in the Priverion platform. If you are a Bigger conglomerate, you can manage all your subsidiaries here.

The list includes the names of all companies and their types (this can be a consultant company or a consulted company), in the case of a consultant company, the consulted companies, as well as the country of the company, and when it was created and last updated.

You can click on your company to change its name and location. As a data protection manager or IT security manager, you can add additional companies or organizations to the Priverion platform by clicking the Create button.

When you create a new company, fill in its legal name and select the country in which it has its headquarters.

There is a switcher you can activate if it is a Consulted Company. This allows you, as the current company, to manage the newly created company's user management and gives you access to the consulted company's elements. You should only use this option if you are a consulting company with many clients and want to manage the clients in one Priverion platform.

Please see our consulting feature sheet for more on the relationship between consultants and consulted companies.

Only users of a company have access to that company. The admin needs to add new users to the company in the respective IT Settings.

Sharing

If your organization consists of several companies, you may share some of your data protection documentation elements among your companies. Click Edit to activate Sharing. Click the Add button to add all companies you want to share elements with.

To learn more about it, follow the guide about Sharing Elements.

Applicable Laws

The Applicable Laws tab enables you to select all countries whose data protection regulations you are subject to. Here, you will be provided with a list of already activated laws or regulations and the option to edit these. You can manage them by clicking the Edit button, choosing all applicable countries, and clicking the Save button.

Some regulations or laws might be non-specific but more regional, such as the GDPR. If you are subject to the GDPR, activate the separate button in the top left corner.

Knowing which regulations you are subject to is crucial to data protection compliance. This might not always be trivial as you may be subject to a law of a country you wouldn't have thought of. For example, the GDPR also applies to companies not established in the EU but processing individuals' personal data in the EU. This is why the territorial scope of the regulation needs to be investigated prior.

If you are still determining which regulations apply to you, seek guidance from your data protection officer or a legal advisor.

After activating these laws, they will be available, for example, in the record of processing activities with their specific legal basis and their specific classification of special categories of personal data. The user then receives a selection of laws and can determine which law specifically applies to the processing activity. This gives the necessary flexibility as some processing activities might only be subject to one specific regulation, whereas others might be subject to all of them.

For more guidance on the applicable laws and regulations, don't hesitate to contact one of our onboarding specialists to go through the process.

Notifications by Roles

The Notifications by Roles tab lets you manage who should be notified about what. The Roles listed are those that different users can take regarding data protection compliance. If you click on one role, you can choose in which case the role should be notified and if this notification should be In-App and/or via E-mail.

You can navigate to the IT settings to manage which user has which roles.

Tags

Tags are supposed to categorize and organize the information you provide to the Priverion platform and help you manage the information more easily. On the tab, you will find a list of different Tags.

To manage your Tags, click the Edit button. Click on the blue menu icon at the top left to expand the menu; you can then browse through the list and add or edit tags. If you click on a tag, you can change its name; if you click the Create button, you can create new ones.

The Creating tags that fit your industry guide explains the meaning of the individual Tags. However, as you work with the Priverion platform, you will recognize the tags throughout the system. If you need to edit them, you can return to the Compliance Settings and do so.

Audience Management

Various users need to be notified or given access to different Elements. These rights or assignments are often meant for entire groups of people. You can create Audiences and easily give access to a function or element to all members of this audience at once.

Remember, these are the general settings. If you assign an audience read access to, e.g., Assets, the audience will not automatically have access to all Assets in the system. Instead, for every Asset, you must choose the audiences who should have access. However, an Audience must have general access rights to Assets to assign a single Asset to that audience later.

Click the Create button to create a new audience or click on an existing one to manage it. We explain how to create an audience in the guide on Managing Audiences.

Organizational Units

Every organization or company has a specific structure that is either more hierarchical via departments or more team-based via matrix organization. The platform allows you to freely create organizational units that reflect your organizational structure. You can create organizational units such as departments, for example, marketing, sales, production, and finance accounting, or you can create matrix teams using the same process.

Under the Organizational Units tab, you will see a list of the currently created or existing organizational units with the responsible person, their status, and description. You can edit one by clicking on it or add a new one. You need data protection manager or security manager privileges to do this.

To create a new unit, click the Create button, select the responsible person from the drop-down, set the status of the organizational unit, and fill in the name and a short description that clearly states the unit's responsibilities.

If you have many organizational units and want to create them automatically, don't hesitate to contact our onboarding specialist to facilitate the automatic creation of organizational units. You can contact us by kicking on the widget on the right lower side of the screen.

Time Machine

The activation of the Time Machine must be performed by a Superadmin. To do this, navigate to the Time Machine tab. Enable the toggle switch and enter the desired retention period in years. Save your changes. For more details about this feature, refer to the related article.

 

Was this article helpful?

English
Powered by Product Fruits