Arelios in a nutshell
Arelios is an all-in-one and collaborative solution which helps you get GDPR under control.
Whether you are an external or internal DPO / Privacy expert / Compliance Officer / Legal Professional, Arelios will help you drive your compliance journey to success.
It has been specifically designed to tailor to the needs of organizations of all sizes and operational complexity.
Arelios offers a single engagement platform between you and your organization’s business units to:
- Survey and assess the compliance level of each unit
- Establish an action plan and follow-up on compliance status
- Build processes around sensitive data
- Register breaches and implement corrective actions
Get in touch for more information or log in for an immediate free trial !
Available for every user with standard licences
Available on demand on a case-by-case basis
Frequently Asked Questions (FAQs)
You can use the “Quiz” feature to test the knowledge of your staff. Based on the results of those surveys, you will be able to identify the teams / areas of your organization that require additional training.
You can also distinguish your staff by level of “data exposure” which is most useful when prioritizing focus or ensuring different levels of GDPR maturity across your organization.
Additionally, your collaborators can rely on a “learning center” where they will find all the necessary information (videos & user guides) to use the platform on their own and get familiar with GDPR guidelines.
Two specific modules are specially dedicated to the management of potential future data breaches and data subject requests.
On top of that, the “versioning” feature enables you to regularly send surveys to detect any potential deviation, new data processing activity and/or changes in your data-handling IT infrastructure, etc… You decide he frequency and can choose to update all your organization or only those parts of your operations that require a specific focus.
In terms of overall GDPR awareness inside your organization, you can send regular quiz to foster GDPR maturity amongst your staff. Again, you can choose to put a specific focus on those teams that have shown a lack of awareness in the past or that have a particular high risk exposure (e.g. in case of high volumes of sensitive data).
A specific obligation (and module on our platform) is dedicated to the management of data subject requests.
Beyond all the technical & organizational security measures that are assessed proactively, a specific obligation (and module on our platform) is dedicated to the management of incidents related to GDPR under which data breaches.
You can also export this specific scope of information for breach notifications to the Data Protection Authorities.
Extract functionalities are of course integrated.
You can extract all the information inputted in the tool in a Word or Excel format. A few predefined views are available (a.o. Data Process Register & DPIA’s) but you have a total flexibility on the range of data and organizational scope (e.g. only department A from Country C).
It is also covered.
Every identified data processing activity can be assessed against guidelines provided by the generic provisions of the GDPR regulation, the additional “Article 29 Working Party” guidelines and the respective ones of each Data Processing Authority.
One of GDPR’s cornerstone is the Data Process Register. However, it quickly becomes a true challenge to document and a hassle to keep it updated efficiently when having to deal with many business units and legal entities across an organization.
Our GDPR solution efficiently deals with it by enabling you to connect your data processing activities to your organizational structure. You are able to create as many legal entities, business units, departments, teams, … as you want and rely on your key staff to provide relevant information at every level of your organigram.
In terms of GDPR content, all the basics are of course covered: data subjects, personal data categories, data volumes, purpose identification, legal basis for processing, consent management, retention periods, sensitive data, data recipients and other implicated third parties, data-handling IT systems, …
The first 4 obligations cover all aspects of an initial compliance setup:
- CARE: Take personal data seriously
- KNOW: Document all your data processing activities
- RESPECT: Process data in a legitimate way
- PROTECT: Have appropriate security measures in place
The last 2 obligations focus on compliance maintenance and long-term compliance:
- DEFEND: List all incidents (a.o. data breaches) and take the right actions
- ATTEND: Follow-up on any data subject request
To those legal professionals (DPO’s, privacy officers, lawyers, jurists, … ) who support their clients in their GDPR compliance journey, we offer a dedicated “partner” access through which they can create in total confidentiality distinct instances for their own clients.
Basically organizations from all sizes, sectors and personal data exposure levels that are in need of an interactive and centralized platform to pilot their compliance journey.
Whether you are a Data Protection Officer (DPO), a Chief Information Security Officer (CISO), a Legal Counsel, a Compliance Officer or any other professional looking to strengthen the GDPR maturity of your organization, our GDPR solution will help you achieve this goal.