MexonInControl for Privacy

MexonInControl for Privacy is a SaaS service with which every organization can build & maintain the registers required by the GDPR. Registers for processing activities, processors, processing agreements, data breaches, security incidents, standards, risks, measures and Data Protection Impact Assessments.

Plan a demo Request more information Datasheet MexonInControl for Privacy

The General Data Protection Regulation (GDPR) has given organizations, that process personal data, several obligations. Many organizations try to get those aspects, the creation of registers, under control with tools such as Microsoft Excel, a tool that is often used for making lists. Excel offers a dynamic start, but it is not designed for GDPR registrations. As a result, you do not get the desired useful insights.

MexonInControl for Privacy is a SaaS solution that allows you to take the next steps to comply with the GDPR obligations regarding registers quickly and with little effort. MexonInControl has been developed specifically for GDPR administration. The choice for an insightful, reliable, well-arranged and transparent tool is something one cannot do without.

MexonInControl ensures that the GDPR requirements are complied with in a user-friendly manner. Since ALDI has been using MexonInControl on a daily basis, the demonstrability of the design, existence and operation of all processes surrounding GDPR is guaranteed. The most important aspect is that it is now possible to establish correlations between processing, agreements and systems with the corresponding stakeholders from various angles.

Philippe den Arend - Information Security Manager - ALDI Netherlands

What is GDPR compliance?

The GDPR imposes more responsibility on organizations. Openness, transparency and accountability are important issues concerning privacy protection.

Each organization has to assess and document how much they are affected by this regulation (in other words is personal data being processed). The conclusion of this research must be documented, even if there is no processing of personal data!

For this research (via assessments) it is important to have insight in the processing activities. Setting up and correctly filling the register of processing activities is an initial activity that directly meets an important requirement in GDPR.

By executing a Data Protection Impact Assessment (DPIA), independent of the form (small or –very- extensive), the current status will be clearer, including which areas need attention.

By filling a register of processors and processing agreements these aspects will be more under control. These components form a solid basis for meeting the requirements of the GDPR, particularly because their mutual interdependence can be documented.

Data Breaches and suspicions there-of also need to be registered. For this MexonInControl has a specific register click here for more information.

Setup for your organization

Every organization has its characteristics. MexonInControl for Privacy is characterized by a high degree of flexibility with regard to the setup. A register can be configured for any organization, with the concepts that are customary in your occupation. This applies to the labeling of fields and columns and also to the values that can or may be entered therein. You can also decide yourself which data is visible, hidden or mandatory.

Assessments (questionaires)

MexonInControl for Privacy offers a number of basic assessments for a smooth start:
  • DPIA Check: is a DPIA necessary
  • DPIA Checklist new processing activity
  • DPIA Checklist existing processing activity
  • (Suspicion of a) data breach (For more info on data breaches click here
  • (Suspicion of a) security incident
  • Verification of measures taken at a supplier
  • Exercise of data subjects' (access) rights
The entire lifecycle of an assessment is supported: from linking to a specific scope, assigning to people, following the status, reviewing the result, assigning a follow-up assessment, saving and printing.

You can create your own organization specific assessments which can be integrated in your website(s). These build-your-own assessments can also be sent via e-mail to suppliers, external users and other parties who are involved in your processes. You can start from scratch making these assessments or start with an existing template.

English Databreach assessment