The Backbone of Your GDPR Web Compliance Process
Manually searching for data across your digital presence is a tedious task. With Siteimprove GDPR, you save that time by automatically locating the personal data you handle online—think names, ID numbers, cookies, and more. Now you have the power to pinpoint and remove that data across your website, minimizing the risk of fines and other legal consequences on your way to GDPR compliance.
Regain control of personal data
Compliance begins with an overview: Know exactly where you handle data with the worldwide IP and Domain Map and see all cookies set on your website with the Cookie Tracker. Then, see all customer, prospect, or employee data in a Personal Data Inventory of names, email addresses, identification numbers, and more.
Respect the right to be forgotten
Under GDPR, anyone whose data has been collected and processed in the EU has the "right to be forgotten". Use the Universal Search function to instantly locate their data on any web page or within the metadata of PDFs, Word documents, and images. From there, create an in-tool plan to remove their data and be sure it gets flagged if it pops up again.
Prove your compliance efforts
Governing personal data on your website—and being able to prove it—is key to GDPR compliance. Minimize risk by implementing sitewide GDPR policies that instantly catch potential risks to personal data, like exposed credit card or ID numbers. Every action your team takes within the platform is also logged in the User Actions Log, helping you report compliance efforts to management and authorities.
IP and Domain Map
No matter how long your organization has been around, it’s possible you've forgotten about certain domains or IP addresses—which means forgotten data. Displayed in a global map, Siteimprove identifies all domains and IP addresses possibly associated with your organization so you can be sure no one’s personal data slips through the cracks.
The Siteimprove IP and Domain Map shows you:
- Who registered the domain or IP address
- When it expires
- Option to reject domains that you do not own
Curious how it works? Read how Siteimprove identifies domains associated with your organization.
Personal Data Inventory
Part of being GDPR-compliant means having a complete overview of the personal data your organization handles. Siteimprove GDPR runs regular scans across your domains to pinpoint and compile identifiable information, including:
- Full names
- Email addresses
- Phone numbers
- ID numbers
When you’re operating a website with so many moving parts, it's difficult to keep track of the information that lives on your site—let alone if it all meets privacy standards. So when someone reaches out to have their personal data removed—even if it's their name within the metadata of an image in a PowerPoint—you have the power to react immediately.
The Universal Search function is your instant search engine for locating specific data and flagging future instances within:
- Files like images, PDFs, spreadsheets, and more
Building GDPR compliance into your official website policies helps keep your organization focused on the future. Predefined GDPR policies keep you on track by scanning and flagging your website for potential problems like:
- Exposed credit card numbers
- Pages linking to unsafe domains
- HTML forms on unsecured HTTP pages
You also have the ability to create custom website policies within Siteimprove Policy.
User Actions Log
Get an overview of all the actions Siteimprove users take within the GDPR module. By keeping track of these, you make compliance efforts more visible and tangible to management and compliance authorities. For instance, responding to data subjects’ requests to be forgotten can now be recorded and referred to later on.
The User Actions Log will chronologically show you:
- Specific action taken
- Date and time of the action
- Implications of the action
Keep working towards GDPR compliance with our latest e-books, webinars, and more.