top of page

All inclusive records of processing and impact assessment 

One place to collaboratively manage privacy documentation

Privacy1's RoPA and DPIA solution gives you all the capabilities you need to not only map your personal data use, but also to assess your business processes for risk, all from within the same solution with no additional license costs or expensive consulting. 

Map your GDPR data and perform DPIA in a single low cost tool

Process Orientated

Map and model the personal data and evaluate the processing risk by stepping through each of your processes. 

Flexible, Integrated DPIA and RoPA

With your data inventory and impact assessment in a single place, it's easy to build , collaborate and maintain your GDPR records.

Modern software for smaller budgets

Built from experience of operating GDPR, our solution includes everything you need, is simple and easy and is offered at a price suitable for smaller businesses. There are no restrictions on number of users, number of processes modelled or risk assessments undertaken.  

Green Smoke on white .png

Records of Processing | RoPA

Move away from manually maintaining spreadsheets to a solution and map all your personal data use in our easy to use modelling tool. Working through each of your business processes the system will guide you to define your data types, processing purposes, retention times, data sharing, data processors and legal basis leading you to the next step of process screening and risk assessment.

Connected by your processes

Everything is connected by business processes in a structured data model. No more disconnected RoPA and DPIA records with difficult to maintain connections

Compliant Data Model

We maintain the GDPR compliant data model, keeping up with privacy changes so you don't have to.  

Manage in one place

Role based permission model controls who can see and do what providing a central secure place for your records 

Map your GDPR data by business process, classification, labels and governors

Reporting and graphing

Reporting and graphing are inherently built into the process. Whether it is sending a report to your DPA or leveraging on data insights articulating risks for your stakeholders internally, we've got you covered.

Green Smoke on white .png

Pre DPIA Process Screening

Screen your business processes and identify those that need a full DPIA assessment, saving you the work of performing a full DPIA on every process. Linked directly via your processes to the data mapping, it guides you through the considerations and records your decisions and justifications. 

PIA - screen your business processes to find those that need full DPIA and record your decisions

Record your decisions

As you assess each process the system will keep a record of your considerations, justifications and decisions. 

Less effort, more accountability

Reduce risk assessment effort and gain more demonstrable accountability by being able to show all your considerations against your processes

Easy to use checklist

Use our preconfigured process screening checklist, based on ICO guidelines, to guide you through screening considerations

Green Smoke on white .png

Data Processing Impact Assessment (DPIA)

Linked directly to your data mapping and process screening. DPIA enables a full GDPR compliant Impact Assessment to be performed. Identify different type of risk associated with current or future processing, detail remedial actions and generate risk scoring in current state and document residual risk scoring after planned actions / controls have been implemented

Assess the risk of each of your processing purposes and set mitigating actions to reduce likelihood and severity

Identify risks

Use DPIA to guide you through identifying risk types, likelihood, severity and impacts for each risk against your screened processes. 

Plan remedies and mitigation

Once identified you can set mitigation measures against each risk and record the before and after scoring once implemented

End to end record keeping

Connected to your screening and data inventory, your DPIA assessed processes are part of a seamless end to end record from data to processes to risk assessment and mitigation measures. 

Green Smoke on white .png

Privacy your way

"Privacy your way" is a design ethos of our software. It ensures that you can setup and run our software without lots of consultancy, you can configure it to match how your business runs and we strive to provide all the elements you need to manage privacy well on smaller budgets. 


You can centrally configure all the modelling elements that you want to use such as custom labels, data subject categories and legal basis so you can set it up with your business language. There are also multiple starting points, so if, for example, you want to start with DPIA you can. 

Flexible, configurable GDPR solutions
Add data risk types easily
maintain data subject categories centrally
Setup your own GDPR data classifications

Fully configurable 

Create and use all your own privacy model including risk types, data classifications, data subject categories, legal basis etc to match how you do business

Custom labels

Create and apply labels to help you manage, find, sort and customise your record keeping. You can add them to mark to do items, identify operational areas, in fact whatever you like. You can then use the to sort and search and keep organised. 

Use customer labels to tag your GDPR data
ROPA Privacy your way
Green Smoke on white .png

Focus "privacy time" on compliance, not making tools

As a small business, you are unlikely to have a dedicated DPO or privacy manager. As such, time to focus on privacy is at a premium and the risks associated with the area are high. So the last thing that you want to be doing is having to develop, build, maintain and update your own tools, especially if you also have to perform all the research to be able to build them

We develop the solution so you can focus on privacy 

DPO, don't spend your time building tools

We have developed our solutions from privacy professionals experienced in large and small companies. We build in not only what the regulations require, but also all the practical features you need to make your job easier and more efficient. We are constantly updating in line with best practices, new regulator guidance and regulation changes, so you don't have to worry about maintenance.


Designed for small companies and smaller budgets Privacy1 is offered in the cloud so you can access it from anywhere, any time. Privacy1 therefore gives you the ability to stop being a developer, take advantage of the built in privacy knowledge and focus your valuable time on mitigating risks and improving your privacy maturity.

GDPR tools and service for small business

We provide full product and GDPR support 

As our solution is SaaS based, all the product support is included in the annual price. In addition, we have experienced GDPR and legal skills that you can take advantage of if you need help writing a privacy policy, getting budget buy in from the board, or want advice on how to manage third party data transfers outside the EU. See our consultants here 

bottom of page