How to choose the right GDPR software for your organisation? Most start with Excel — record of processing activities in a spreadsheet, authorisations in a separate file, retention deadlines somewhere in a calendar. It works at first. The problem appears after a few...
iGDPR - personal data protection management online › GDPR and iGDPR guides for practitioners and beginners
GDPR and iGDPR guides for practitioners and beginners
Practical GDPR guides — step by step, from fundamentals to advanced topics. How to maintain a record of processing activities, conduct a risk assessment, manage authorisations and handle data breaches. Written for DPOs, controllers and anyone starting their work with GDPR compliance.
CCPA vs GDPR – Key Differences and What They Mean for Your Business
Apr 21, 2026 | GDPR and iGDPR guides for practitioners and beginners
CCPA vs GDPR — these are the two most influential data privacy laws currently in force, and understanding how they differ is essential for any organization operating across the EU and the US. But they are not the same law, and compliance with one does not guarantee...
GDPR Compliance for US Companies – When It Applies and What to Do
Apr 21, 2026 | GDPR and iGDPR guides for practitioners and beginners
GDPR compliance for US companies is not optional — and it is not a European problem alone. It is not. If your company collects, processes, or monitors the personal data of individuals located in the EU — regardless of where your business is incorporated or where your...
Personal Data Breaches Under GDPR – How the 72-Hour Rule Works Across Europe
Apr 16, 2026 | GDPR and iGDPR guides for practitioners and beginners
A personal data breach is one of those events every organisation hopes will never happen — and one for which every organisation needs a documented procedure before it does. The GDPR introduced a mandatory 72-hour notification requirement that fundamentally changed how...
Employee Monitoring and GDPR – What Employers Can Do
Apr 16, 2026 | GDPR and iGDPR guides for practitioners and beginners
Employee monitoring under GDPR is one of the areas most frequently scrutinised by supervisory authorities across the EU — and at the same time one of the most commonly applied by employers without full awareness of the legal boundaries. The GDPR does not regulate...
Email Marketing and GDPR – Consent, Legal Bases, and What Changes Under the ePrivacy Rules
Apr 16, 2026 | GDPR and iGDPR guides for practitioners and beginners
Email marketing is one of the areas where compliance requirements change fastest — and where violations are easiest to detect. Every organisation running a newsletter, email campaigns, or any form of direct electronic marketing across the EU must navigate two parallel...
Data Protection Officer – When Required, Responsibilities, and Common Pitfalls
Apr 15, 2026 | GDPR and iGDPR guides for practitioners and beginners
The Data Protection Officer (DPO) is one of the most ambiguous roles in the organisational structure arising from the GDPR. In many organisations, the DPO is simply the person who "does GDPR" — writing documents, conducting training, answering employee questions. Yet...
Data Transfers Outside the EEA – When They Are Lawful and How to Safeguard Them
Apr 15, 2026 | GDPR and iGDPR guides for practitioners and beginners
Every organisation using SaaS systems, cloud services, email marketing tools, CRM platforms, or HR software should ask itself one question: where are my customers' and employees' data actually processed? If a vendor's servers or technical operations are located...
GDPR Compliance Audit – How to Conduct One and What to Check
Apr 15, 2026 | GDPR and iGDPR guides for practitioners and beginners
A GDPR audit is one of those tasks that sounds serious but is rarely carried out regularly in practice. The reason is simple: without proper structure, an audit becomes a one-off exercise — a document review that quickly becomes outdated once it is finished. Yet the...
NIS2 and GDPR – What They Have in Common and What You Need to Do
Apr 15, 2026 | GDPR and iGDPR guides for practitioners and beginners
From 3 April 2026, the amended Act on the National Cybersecurity System (KSC), implementing the EU NIS2 Directive, is in force in Poland. For thousands of organisations across Europe, this means new cybersecurity obligations — regardless of whether they already comply...
Manage GDPR and multi-jurisdiction compliance in one place
iGDPR helps you build and maintain your record of processing activities, manage data subject and consumer rights requests, document legal bases, and track vendor agreements — across multiple entities and jurisdictions if needed. See how it works in practice.
START FREE TRIAL, no commitment