Skip to main content

Inventory System Reports Overview

Inventory System Reports provide a comprehensive overview and detailed documentation of an organization's data inventory. This report may detail the types of data collected, stored, and processed by the company. The Inventory System Report might include information about the various data sources, categories of personal information, the purposes for which data is used, and the data flows within the organization. It could offer insights into the company's data ecosystem, allowing businesses to understand their data practices, assess compliance with privacy regulations, and manage data privacy effectively. These reports have proven to be valuable for data governance, compliance audits, and ensuring transparency with respect to how personal information is handled within an organization. It assists in identifying and managing sensitive data, thereby enabling businesses to take necessary actions to secure, control, and govern their data in accordance with privacy laws.

DataGrail User Roles

Only users granted specific user roles will have access to this page. The following roles are able to view and interact with Inventory System Reports:

  • Inventory Manager
  • Super Admin

Note : Only customers that have purchased Live Data Map will have access to this tool. Combining any user roles that do not have access to this UI with any of the above user roles that do have access to this functionality will grant a user access to these updates. e.g. If a user had a Live Data Map Admin Role, adding a Super Admin Role to their user record would then allow them access to Request Policies.

Inventory System Reports

The Inventory System Reports sub-tab allows for the review and approval of reports for all systems currently connected in your inventory. In this view, the Data Processing Report page can be found at the top of the left nav.

Screen

Below the Data Processing Report, each connected system's report will appear in the left navigation. Each system will display:

  • Service logo, name, and domain

  • Legal Roles

    • The legal relationship between your company and the given system

  • Contacts

    • Contact information of employees or entities associated with the system

  • Legal Basis

    • Lawful grounds for processing data from the system and the applicable countries

  • Data Processing Details

    • Metadata added for this system that outline the general data types and processing types to that have been reported
      NOTE : Metadata added has been determined at the overall system level and each customer should refine based on their specific interaction with that system. These details can be edited from this page

  • Data Subject

    • A Data Subject is a natural person who can be identified, directly or indirectly, using various online and offline identifiers, characteristics or inferences. Specific legal definitions vary

  • Personal Data Categories

    • Personal Data, also called personal information or PII, is information relating to an identified or identifiable natural person

      • If a system has any of the below categories, we will also show that the system contains "Sensitive Personal Information" within the ISR
        • Political affiliations
        • Religious beliefs
        • Philosophical beliefs
        • Race or ethnicity
        • Sexual orientation
        • Health data
        • Biometric data
        • Criminal history
        • Credit or financial data
        • Trade union and membership information
        • Personal identification (ID) numbers — license, social security, state ID cards, passports

  • Personal Data Origins

    • Personal data origins refers to how the personal data was originally collected for the system named in the report

  • Processing Purposes

    • Processing refers to any operation that is performed on personal data, such as collection, recording, storage, alteration, use, transmission, or erasure

  • Data Distribution

    • Data distribution refers to personal data transferred from the system name in the report to other systems in your inventory

  • Data Subject Consent Origins

    • Consent refers to any freely given, specific, informed and unambiguous indication of the data subject's agreement to the processing of their personal data

  • Protective Measures

    • Protective measures refers to any steps taken to safeguard data

  • Additional Questions

    • Add additional information relevant to this system

Save and Approve Reports

The fields in the expanded view are populated from the information you provide in the systems report. In addition to viewing the information here, this overview can be edited and saved by clicking the Save Report button at the bottom of the page.

To approve the report prepare it for download, click the Save and Approve Report button at the bottom of the screen.

If you have any questions about this product, please reach out to your dedicated CSM or support@datagrail.io.

Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.