This site uses cookies for its functionality, if you want to learn more or opt out of all or some cookies href="/ita/pag/informativa_cookies_privacy/66/">click here.
By closing this banner or clicking any of its elements, you consent to the use of cookies.

Management System

1.Context Definition, Changes Management and Privacy Risks 

The reformulation of the business strategies, the reorganization of the company processes, the redesign of the information system and the revision of contracts, delegations and appointments are managed in KRC® in terms of the risks of privacy. Appointment of the Data Protection Officer (Data Privacy Officer DPO), Classification of Treatments, Purposes, definition of Security Measures.

2.Data Processing and Information and Consent Management

It allows the identification of the various interested parties to which certain purposes are associated and related offices, describing the collection, management and deletion of data. The limits on the authorized processing of personal data and the criteria for transferring data outside the EU and for infringement cases are defined.

3.Impact Assessment (Data Protection Impact Assessment DPIA or PIA)

It allows an assessment of the necessity and proportionality of a treatment with respect to the risks for the rights and freedoms of individuals. The DPIA is a tool that allows the Owner not only to meet the requirements of the GDPR, but also to demonstrate that appropriate measures have been taken to ensure compliance with the EU GDPR Regulation 679/2016.

4.Identification Risks, Analysis, Security Measures and Evaluation

It allows to identify the risks for each interested party and specific purposes, to define as-is or to be measures according to risks and vulnerability. Through the green or red traffic lights on categories of security measures it is possible to define the Probability and the Gravity and relative calculation of the Risk.

5.Risk Management and Action Plans Management

It allows you to manage the assignment and management of activities, the frequency and the relative responsibility, the schedule with notification of warning and alert, the registration of the accomplishment of the documents, the upload of the documentation, the closure.

6.Reporting of Data Breach Events

Management of data breaches: from reporting, to evaluation, to communication and processing and drafting of procedures for the violation of personal data (Data Breach) with the guarantor.

7.Mainenance and Control

Generate the Register of treatments (Privacy Register) by the Data Controller and each Data Processor. Drafting of the Privacy Management System Manual.


Integrated Flows

The Management System is completed through the procedural flows shown alongside. The flows allow integration with other management systems. For example, in the Audit flow it is possible to manage Environmental, Health and Safety, Quality, Energy, etc. audits.

Flow Rules and Laws for the management of legal requirements by company managers

It allows to produce the regulatory framework, the systematization of the provisions contained in the provisions and to assess the legislative compliance by identifying methods of verification and control and those responsible. Regulatory schedule with sending notifications of prescriptions to managers.

Authorization Management Flow

It allows to manage the authorization from the identification, to the assignment of responsibility. Creates the authorization framework, allows management of the related activities and creates the authorization register. Schedule with notification of notice and registration of the accomplishment with upload of documentation.


The top management and the DPO have the ability to monitor in real time the compliance with all the requirements with a single control dashboard. Simplifies the procedures and controls required by the regulatory provisions.

Consulting Support

Assessment Privacy and gap analysis to the new European Regulation 679/2016:

  • Risk Assessment As Is (D. Lgs. 196/03)
  • Risk analysis European Regulation (UE) 679/2016
  • Gap analysis between Risk assessment As Is and European Regulation (UE) 679/2016
  • List of the actions to implement for the adjustment to European Regulation (UE) 679/2016

Training Activities

The KEISDATA consultants are prepared to provide informative and training activities based on the needs that emerged during consultancy support.