Special categories of data
Do you know where all of your sensitive data is across all of the data sources that you control?
Ohalo helps identify special categories of data such as race, gender, religion, and more so that you can be sure to remove the data under GDPR. The Data X-Ray establishes a baseline of where sensitive data is on your systems in one click. Find sensitive data immediately on cloud services that you use Easily report on this to regulators, clients, and auditors Integrates easily with the Data Protection Router
Right to access
Can you provide access to all of a data subject’s data upon request?
You may hold PII data about customers in multiple databases and at multiple cloud services. This makes time-bound data access requests difficult to fulfill. With the Data Protection Router you know where your data is and can show that data upon request. Queries to multiple datasources simultaneously Easy to install Map data lineage of PII across multiple databases
Right to rectification
Can you update all of the data about a data subject when they ask?
As with erasure requirements, rectification upon Data Subject request is very difficult even with a small company managing dozens of datasources. For large companies it is even harder. The Data Protection Router allows you to easily request data to be updated wherever it is. Find where data is stored Request data to be rectified through the Ohalo app or API Prove it through a blockchain-backed immutable proof
Right to be forgotten
Can you erase data across all of your systems and at third parties with assurance?
After establishing a baseline of what PII data is where, you can trace where that data has gone with Ohalo's GDPR data lineage tool, the Data Protection Router and request various databases and cloud file storage services to delete that data on your behalf. Hold data no longer or shorter than you should Simultaneous erasure across multiple databases Prove that you have erased data at a certain point in time
GDPR Representatives for organisations outside the Union
Are you based outside of the EU? If so, do you have an EU based GDPR representative?
You must appoint an EU based GDPR representative if you are i) not established in the EU and ii) subject to the jurisdiction of the GDPR. Ohalo's partner, DPR Group, can provide this service and Ohalo users may benefit from a 15% discount using the code 'OHALO15'. Benefit from DPR Group contact locations in each of the 28 EU Member States House your Article 30 processing records in case of Data Protection Authority requests Provide your customers with a superior experience through a branded landing page and response messages
Records of Processing Activities
Can you demonstrate how data is being managed inside and outside the organization?
GDPR Article 30 is about maintaining a record of Data Subject processing activities. It is a requirement to maintain a record of data lineage across both internal and external systems where a Data Subject’s data may be. Such a record is important to demonstrate the state of data management. Demonstrate exactly how data is being used on a granular level not only within your organization but also at data processors that you work with Ensure that the correct metadata about any data relationship updated over time Plug and play and avoid the need for lengthy negotiations or consortium establishment
Transferring data to third countries
Can you consistently apply the same corporate rules across multiple entities and ensure that those rules are being applied?
Modern businesses rely on sending data across borders. Unfortunately this got much more difficult with GDPR. Ohalo's Data Protection Router allows you to deploy access controls in a consistent manner and keep track of how data is flowing across different legal entities and third parties, even if they are in different jurisdictions. Smart contract enforced identities linked to legal entities to ensure that you are interacting with the right data source under the right conditions Automatically maintained log of when data was accessed and by who output through a UI or to your own business information (BI) systems Secure from data request to data fulfillment