DSAR MANAGEMENT
Data subject requests. On time. Provable.
Art. 15 GDPR gives data subjects rights. Kopexa gives you the process: receive requests, verify identity, collect data, respond on time. Everything documented.
HOW IT WORKS
From request to on-time response
Receive request
Via email, form or manually. Kopexa captures request type, contact details and starts the 30-day timer automatically.
Verify identity
Configurable levels: simple (email confirmation), strong (ID copy) or custom. Documented in audit trail.
Collect data
Assign tasks to departments. Collect data from systems, vendors and internal teams. Redact third-party data.
Respond & close
Generate response letter, compile data package, send to data subject. Complete evidence for the supervisory authority.
ART. 15-22 GDPR
All data subject rights. One process.
GDPR gives data subjects six core rights. Each has its own requirements for verification, scope and response. Kopexa covers them all.
Access
What data is processed, why, who receives it and how long it's stored.
Rectification
Correct inaccurate data, complete incomplete data.
Erasure
Delete data when purpose expires, consent withdrawn or processing unlawful.
Restriction
Restrict processing, e.g. while accuracy is being verified.
Data portability
Receive data in machine-readable format or transfer to another controller.
Objection
Object to processing, especially for direct marketing or legitimate interest.
ON TIME & PROVABLE
30 days. No room for chaos.
GDPR gives you 30 days. Kopexa makes sure you use every day effectively. With automatic deadlines, clear task assignment and complete documentation.
30-day timer
Starts automatically on receipt. Escalation at 20, 25 and 28 days. Extension (2 months) documented.
Identity verification
Three levels: email confirmation, ID copy or custom. Result stored in the case file.
Data redaction
Redact third-party data before disclosure. Mark, justify and approve in one step.
Task delegation
Delegate data requests to IT, HR, sales or vendors. Each sees only their part.
Response templates
Templates for access response, deletion confirmation, rejection and extension. Exportable as PDF.
Configure request types
Define custom categories, verification levels and workflows per request type. Adaptable to your organization.
WHY KOPEXA
DSAR is not email ping-pong
Most teams handle data subject requests via email and shared drives. That works until the first complaint to the supervisory authority.
| Excel / Email | Privacy tool | Kopexa | |
|---|---|---|---|
| Request intake (portal/form) | |||
| Automatic 30-day timer | |||
| Identity verification (multi-level) | |||
| Task delegation to departments | |||
| Data redaction before disclosure | |||
| All rights (Art. 15-22) covered | |||
| Response templates (PDF export) | |||
| Linked to RoPA & assets | |||
| Extension documented | |||
| Audit trail for authority |
FEATURES
Everything DSAR management needs.
Request portal
Coming soonData subjects submit requests via configurable form. Type, contact details and evidence captured in a structured way.
Deadline tracking
30-day timer from receipt. Automatic escalation. 2-month extension documented.
Identity verification
Configurable levels: email, ID copy, video ident or custom. Verification log in case file.
Task delegation
Delegate data requests to departments and vendors. Real-time progress tracking.
Data redaction
Mark and redact third-party data. Document justification. DPO approval.
Response templates
Templates for each request type: access, erasure, rectification, rejection. PDF export.
Linking
Connect DSARs to records of processing, assets and vendors. Context stays intact.
Audit trail
Every action, every timestamp, every decision. Audit-ready for supervisory authorities.
Reporting
Overview of open, completed and overdue requests. Average processing time. Export.
Ready for DSAR management without deadline panic?
Let us show you in 30 minutes how Kopexa brings data subject requests, deadlines and audit trails together.