HOPEX GDPR: Assess and ensure Compliance to GDPR



HOPEX GDPR provides a collaborative workspace for DPOs and cross-functional stakeholders to manage a GDPR compliance initiative. This solution gives you the right tools to understand how your organization complies with GDPR, to implement the needed changes and automatically produce documents required by the regulator. The methodology has been developed with Gruppo IMPERIALI, who brings more than 30 years of Data Protection legal expertise. HOPEX GDPR integrates up-to-date regulatory details and legal templates to accelerate your remediation plans.




With HOPEX GDPR you can:

  • Manage compliance efforts from a collaborative workspace and centralized repository
  • Inform and accelerate remediation activities with up-to-date regulatory details and legal templates
  • Document and demonstrate compliance with a full range of reports designed for the Supervisory Authority
  • Maintain control over data privacy with Data Protection Impact Assessments
  • Influence privacy by design efforts and know when to assess new and evolving processing activities


Key Features

Description of Data Processing Activities

HOPEX GDPR allows your company to create and describe activities processing Data Subject information:

  • Identify processes or applications handling sensitive data categories
  • Specify categories of involved data subjects and legal basis for processing
  • Assign DPOs and owners to processing activities to coordinate compliance efforts
  • Carry out a preliminary compliance assessment

Data Protection Impact Assessments (DPIA)

The solution allows your company to conduct a DPIA whenever required

  • Prioritize processing activities by risk scale and compliance level
  • Define which processing activities require a DPIA and which do not need it
  • Document risks and threats preventing achievement of compliance
  • Issue recommendations to address identified risks and threats
  • Track implementation of recommendations

Data Breach Incidents

HOPEX GDPR allows you to not only capture data breaches, as required by the regulation, but also to analyze them:

  • Documents breaches with dates of discovery and actual breach, nature, origins, consequence, data categories affected
  • Capture remedial actions and whether regulators and affected individuals have been informed
  • Allows you to investigate causes of data breach by comparing current with past DPIAs

Reporting & Analysis

All the information captured in HOPEX GDPR is presented in a range of useful reports:

  • Record of processing activities – generates a Word editable report for easy distribution to stakeholders
  • DPIA Document – provides full description of the DPIA and refers to the relevant GDPR articles
  • Data Transfer Map – to view what data categories for what data subjects, where from and to, on a world map
  • Subject Rights Report – to assess if compliance for all data subjects has been achieved on all processing activities
  • Data Category Heatmap – table describing data categories, their risk scale, as well as processing activities, status of pre-assessment, whether a DPIA has been carried out and overall compliance level
  • Inconsistencies Report – compares a data processing activity pre-assessment against its sub processing activities’ ratings
  • Freshness & Priority Indicators – automatically calculated based on last date of assessment and overall impact rating