Skip to main content

System Profile Page

The new System Profile Page (previously Inventory System Report) provides an overview of standard data processing use cases for each system, helping you understand where personal data lives across your organization and surface risk.

Inventory System Reports Page

Report Data Categories

Below the Data Processing Report, each connected system's report will appear in the left navigation. Each system will display:

Legal Roles

  • The legal relationship between your company and the given system.

Contacts

  • Contact information of employees or entities associated with the system.

Legal Basis

  • Lawful grounds for processing data from the system and the applicable countries.

Data Subject

  • A Data Subject is a natural person who can be identified, directly or indirectly, using various online and offline identifiers, characteristics or inferences. Specific legal definitions vary

Personal Data Categories

  • Personal Data, also called personal information or PII, is information relating to an identified or identifiable natural person.
    • If a system has any of the below categories, we will also show that the system contains "Sensitive Personal Information" within the ISR
      • Political affiliations
      • Religious beliefs
      • Philosophical beliefs
      • Race or ethnicity
      • Sexual orientation
      • Health data
      • Biometric data
      • Criminal history
      • Credit or financial data
      • Trade union and membership information
      • Personal identification (ID) numbers — license, social security, state ID cards, passports

Personal Data Origins

  • Personal data origins refers to how the personal data was originally collected for the system named in the report.

Processing Purposes

  • Processing refers to any operation that is performed on personal data, such as collection, recording, storage, alteration, use, transmission, or erasure.

Data Distribution

  • Data distribution refers to personal data transferred from the system name in the report to other systems in your inventory.

Data Subject Consent Origins

  • Consent refers to any freely given, specific, informed and unambiguous indication of the data subject's agreement to the processing of their personal data.

Protective Measures

  • Protective measures refers to any steps taken to safeguard data.

Additional Questions

  • Additional information relevant to this system
  • Ask your Customer Success Manager or reach out to support to add custom questions

Customizing your System Profile Page

DataGrail’s Intelligence Library leverages first and third party data powered by AI to pre-populate system metadata based on the most common use cases of that system. We collect information that helps our customers prioritize systems with more privacy risk based on the personal data they process and associated use cases.

While we have captured standard processing use cases for each system, you can customize the System Profile Page to reflect your organization’s specific use cases.

You can make edits directly in the System Profile page and the edits will automatically save.

 

Need help?
If you have any questions, please reach out to your dedicated CSM or contact us at support@datagrail.io.

Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.