A powerful GDPR tool

With Lexoforms online GDPR software, you can easily and intuitively organize the statutory GDPR documentation – and you will be guided through all the steps in the process...

Join a loyalty club, you provide personal data

Data responsibility in 5 steps

Lexoforms' GDPR system logically and intuitively guides you through 5 steps towards greater data responsibility. First, all data, agreements, and risks need to be mapped out, then they need to be integrated into the organization – and finally, they need to be maintained.

Even though our GDPR software is structured to logically guide you through all 5 steps, you can easily rearrange the order if it suits you better.

GDPR is an ongoing process

GDPR is an ongoing process, and therefore you will quickly fall short if you do not use a dedicated GDPR system but instead rely on something like a spreadsheet.

Our GDPR software includes both pre-filled texts with legally correct formulations and relevant examples throughout.

Additionally, there are help texts and videos, as well as the option to contact our support via email and phone – and if you need a advisor, we offer you a list of more than 50 experts.

Mapping

1     Data

· purpose
· legal basis
· internal users
· external recipients
· type of data
· erasure
.

2    Agreements

· data processors
· sub-processors
· third country transfer
· basis of transfer
.
.
.

3    Risk

· confidentiality
· availability
· integrity

Measured by consequence
and likelihood
.

Article 30 register 

Implementation

4    Internal

· employee instructions
· DPA
· consent
· duty of disclosure
· cookie policy
· security policy
· security breach

Objections +

Operation

5    Tasks

· security
· erasure policy
· systems
· organization
· insight
· risk assessment
· audit

Data breaches +

Hvad skal det bruges til?

Når I har styr på alle 5 trin, kan I handle hurtigt, hvis fx en kunde vil have udleveret sine data, der sker et databrud, eller hvis Datatilsynet kigger forbi.

Article 30 register

Kortlægningen i trin 1-3 samles i den lovpligtige Artikel 30 fortegnelse, der dokumenterer, hvordan I opbevarer og behandler persondata.

Det er et dynamisk dokument, der altid skal være opdateret, så den kan fremvises hvis ønsket, når fx Datatilsynet kommer på besøg.

Med Lexoforms GDPR-værktøj laves Artikel 30 fortegnelsen automatisk – altid 100% ajour.

Indsigter & indsigelser

Med stadig flere registrerede persondata stiger også sandsynligheden for, at ansatte, kunder eller andre gerne vil vide, hvad I egentlig har liggende på dem.

Det skal der være en helt klar rutine for, så I let kan finde, rette og slette de persondata, det handler om.

Med Lexoforms GDPR-værktøj søger og finder du let alle de steder, hvor persondata ligger.

Hændelser & databrud

Ved hacking, datalæk eller sikkerhedsbrud skal jeres håndtering af hændelsen dokumenteres, herunder hvilke afhjælpende foranstaltninger, I har i værksat inkl. information til berørte personer.

Ved risiko for de registrerede, skal I indberette til Datatilsynet.

Med Lexoforms GDPR-værktøj bliver du guidet gennem proceduren ved databrud.

Register data only once

Simplicity is key, so with Lexoforms GDPR tool, you start with the IT systems you already use. Unlike a process-oriented approach, you only register data once, which means far fewer registrations and a significantly faster and better overview.

If you e.g. choose employee data, you can choose to map all processes around salary, vacation, pensions, maternity leave and sick days. Or you can choose the main purpose personnel administration and focus only on the few data points that recur across all processes.

Når du registrerer dig, afgiver du persondata

Lexoforms templates

  • template for declaration of consent
  • template for duty of disclosure
  • template for employee instructions
  • template for Cookie Policy
  • template for security policy
  • template for data breaches
  • template for data processing agreement

Get the job done with GDPR templates

With Lexoform's GDPR tool, it is easy to get started – and manageable to get it done. Most boxes, text fields and forms are already pre-filled with text, which you can simply edit – or you can replace the lot if you want.

Additionally, the Lexoforms GDPR tool includes a wide range of GDPR templates to meet virtually any need.

Help is at hand

The simple approach is one of the main reasons why our customers repeatedly emphasize that our GDPR tool makes the task of documenting GDPR much simpler and more intuitive than they had expected.

If you have any questions along the way, our GDPR solution includes both text and video guides. You can also call or write to our support team – we are available Mon-Thu 8:30-17:00 and Fri 8:30-16:00.

Call us at 78 700 800

Email us at info@lexoforms.com

Når du bærer et ID-skilt, afgiver du persondata

GDPR and data protection are very important to consumers

0 %
"I expect companies I do business with to protect my data"
0 %
"It is important to know the company's data privacy policy before I buy"

Why digital trust truly matters
McKinsey Digital, September 2022

What You Can Do with Lexoforms

Below you can see examples of some of the modules that make working with GDPR simple, intuitive and above all… affordable.

Dashboard

On your dashboard, you quickly get an overview of how far you are with your mapping, risk assessment, tasks and much more.

Mapping

In the mapping module, you can easily create and register which personal data is stored where. Thus, you only register data once and can easily find it again.

DPA

In the data processing module, you can easily create a data processing agreement, which you can then send for review and digital signature.

Risk assessment

In the risk assessment module, you can assess the risk of data breaches for all the systems you use. The assessment provides an overall score of low, medium or high risk.

Tasks

In the tasks module, you can set up a yearly cycle with single or recurring tasks to continuously ensure that your documentation is always up to date.

Insight

In the insight module, you can easily find out where various types of personal data for e.g. customers, employees or suppliers are registered.

Templates

Under templates, you can choose from a range of different pre-filled texts for various purposes, which you can copy, edit and use.

Incidents

In the incidents module, you can choose from a wide range of different incidents where you will be guided to fill in the necessary information.

How many data breaches are caused by human error?

95%

The State of E-mail Security 2023
Mimecast 2023

Are you happy with Lexoforms?

Try 2 weeks for free

Experience our online solution with simple checkboxes, pre-filled fields and ready-made templates free for 14 days and see if it's right for you.

NO COMMITMENT

Book a 1:1 demo

Try a tailored guided tour through our online GDPR tool and discover the many smart features that make working with GDPR simple and effective.

ONLY 30 MINUTES

Free webinar

Join the webinar "GDPR in 60 minutes" and learn how to comply with the law – and how to do it without spending unnecessary time on the task.

GDPR IN 60 MIN.

    Mapping of data

Hvilke personhenførbare data gemmer I hvor and hvorfor – og hvordan håndterer I dem?

Identificér alle de persondata, I opbevarer. Hvor ligger de, hvorfor har I dem, hvordan sikrer I dem – og ikke mindst, hvordan håndterer I dem internt og eksternt? Husk slettepolitik.

    Kortlægning af aftaler

Har I aftaler med eksterne databehandlere – og er I også selv databehandler?

Benytter I eksterne til at behandle jeres persondata? I så fald skal I have en aftale med hver enkelt, og desuden beskrive, hvordan I fører tilsyn med jeres databehandlere.

    Kortlægning af risiko

Er der risiko for et sikkerhedsbrud – og hvad er sandsynlighed and konsekvens i givet fald?

Hvad er sandsynligheden for at der sker et databrud, og hvad er i givet fald konsekvensen for de registrerede? Vurderingen skal baseres på organisatoriske, tekniske and fysiske risici.

Article 30 register

Kortlægningen i trin 1-3 samles i den lovpligtige Artikel 30 fortegnelse, der dokumenterer, hvordan I opbevarer og behandler persondata.

Den er et dynamisk dokument, der altid skal være opdateret, så den kan fremvises på forlangende, hvis fx Datatilsynet kommer på besøg.

Med Lexoforms GDPR løsning laves Artikel 30 fortegnelsen automatisk – altid 100% ajour.

4      Implementation

Ved alle medarbejdere hvordan de bedst håndterer diverse persondata?

GDPR lever i hverdagen, så der skal være styr på oplysningspligt inkl. formål og hjemmel, medarbejderinstrukser, samtykke, retten til indsigt, indsigelser, cookiepolitik og sikkerhedspolitik.

Indsigelser og indsigter

Med stadig flere registrerede persondata stiger også sandsynligheden for, at ansatte, kunder eller andre gerne vil vide, hvad I egentlig har liggende på dem.

Det skal der være en helt klar rutine for, så I let kan finde, rette og slette de persondata, det handler om.

Med Lexoforms GDPR løsning kan du let søge og finde alle de steder, hvor persondata ligger.

5      Operation

Det er i dagligdagen, at GDPR lever, så der skal være styr på det løbende vedligehold. Er der fx nye medarbejdere, kunder eller it-systemer?

GDPR-dokumentationen skal altid være opdateret, så I kan handle ved et sikkerhedsbrud og fremvise Artikel 30 fortegnelsen til Datatilsynet efter behov. Her er løbende kontroller centrale.

Databrud & hændelser

Ved hacking, datalæk eller sikkerhedsbrud skal jeres håndtering af hændelsen dokumenteres, herunder hvilke afhjælpende foranstaltninger, I har iværksat inkl. information til berørte personer.

Ved risiko for de registrerede, skal I indberette til Datatilsynet.

Med Lexoforms GDPR løsning bliver du guidet gennem proceduren ved databrud.

     Mapping of data

What personal data do you store, where and why – and how do you handle it?

Identify all the personal data you store. Where is it located, why do you have it, how do you secure it – and most importantly, how do you handle it internally and externally? Don’t forget the erasure policy.

    Mapping agreements

Do you have agreements with external data processors – and are you a data processor yourself?

Do you use external parties to process your personal data? If so, you need to have an agreement with each one and also describe how you oversee your data processors.

     Mapping of risk

Is there a risk of a security breach – and what are the likelihood and consequence if it happens?

What is the probability of a data breach occurring, and what would be the consequence for the data subjects? The assessment should be based on organizational, technical and physical risks.

Article 30 register

The mapping in steps 1-3 is collected in the statutory Article 30 register, which documents how you store and process personal data.

It is a dynamic document that must always be updated, so it can be presented upon request, for example, if the Data Protection Authority drops by.

With Lexoforms GDPR tool, the Article 30 register is created automatically – always 100% up to date.

4      Implementation

Do all employees know how to best handle various personal data?

GDPR lives in everyday life, which means that the duty of disclosure must be in place, including purpose and legal basis, employee instructions, consent, the right of access, objections, cookie policy and security policy.

Objections and access

With still more personal data being registered, the probability increases that employees, customers, or others wants to know which of their personal data you keep.

There must be a clear routine for this in order to easily find, correct and erase the relevant personal data.

With Lexoforms GDPR tool you can easily search and find all the places where personal data is stored.

5      Operation

It is in daily operations that GDPR lives, so ongoing maintenance must be secured. Are there, for example, new employees, customers or IT systems?

The GDPR documentation must always be up to date in order to properly handle an event of a security breach incl. presention of the Article 30 register to the Data Protection Authority. Ongoing tasks are key.

Data breaches & incidents

In the event of hacking, data leaks or security breaches, your handling of the incident must be documented. Which remedial measures have you implemented, including information to affected individuals?

If there is a risk to the data subjects, you must report it to the Data Protection Authority.

With Lexoforms GDPR tool, you will be guided through the procedure in case of a data breach.

Hungry for more?

Book a meeting when it suits you – or receive a call from us.

Click on Free trial

– and get free access for two weeks. No strings attached... 😊