HomeCompliance › GDPR

GDPR compliance software, EU-native and audit-ready.

Records of Processing Activities support, breach register with Article 33 notification fields, sub-processor list, DPIA register links, DSAR-handling reference. EU-built, EU-hosted. From €29 a month.

Open the portal See pricing

What is GDPR?

EU General Data Protection Regulation. Any organisation processing personal data of EU residents: SaaS vendors, e-commerce, healthcare, finance, public sector, education.

Who needs to comply

  • B2B SaaS companies serving EU customers
  • Health-tech, fintech and edtech with sensitive personal data
  • E-commerce and marketing operators handling EU consumer data
  • Public-sector and non-profit organisations under GDPR scope

Key GDPR controls covered by Dazr

Article 6, 9Lawful basis records and special-category checks per processing activity.
Article 28Sub-processor register with DPA URLs and review cadence.
Article 30Records of Processing Activities document linked from the workspace.
Article 32Technical and organisational measures, with controls shared with ISO 27001 if both are enabled.
Article 33-34Breach register with regulator-notification fields and 72-hour clock.
Article 35DPIA register URL, with a recurring review task per high-risk activity.

What auditors look for

Supervisory authorities sample evidence: ROPA is up to date, breach register exists and is populated, sub-processor changes follow notice, DPIAs exist for high-risk processing. The platform holds each one.

How Dazr helps with GDPR

  • Link your ROPA URL and refresh on the platform-driven cadence
  • Run the breach register with severity, timestamps, regulator-notification block and root cause
  • Maintain the sub-processor register with DPA URLs, last review dates and renewal alerts
  • Track DPIAs as recurring tasks per high-risk processing activity
  • Hand the supervisory authority a clear audit trail when sampled

Back to the full Dazr Compliance overview › | Sign up free ›

GDPR questions, answered.

Does Dazr file the breach notification with the supervisory authority for me?

No. We hold every field your authority will ask for and we time-stamp every state change, but the actual filing goes through the authority's portal. The 72-hour clock is yours to track.

Can I use Dazr alongside an external DPO?

Yes. Many customers do. The DPO email goes in the compliance profile; they get reminders alongside the workspace owner.

Where is data hosted?

European Union only. Application data is encrypted at rest with AES-256-GCM in addition to provider-level encryption.

Is Dazr a sub-processor?

Yes. We are an Italian GDPR Article 28 sub-processor of yours; the DPA at /legal/dpa activates automatically when a workspace is created and we publish the current sub-processor list at /legal/subprocessors.

Ready to start your GDPR program?

Free for one user. Pro €29/mo and Enterprise €299/mo are self-serve via Mollie. Custom (from €800/mo) is the only tier on a contract.

Open the portal All frameworks