Application, Data & Process Flows

Aligning and knowing what your applications are doing, what Personal Data has been Processed and what the reason and rights associated with processing are, is a core fundamental of Data Protection. This suite of tools provides end-to-end life-cycle management of Data Subject Personal Data from inception to disposition.

Data Protection Laws require that Controllers know what Personal Data they have, where it is and who has access to it. They also require that records be kept of when it is processed and the purpose that it is processed for.

The GDPMS provides a number of tools that bring together the "LIFE-CYCLE" of your Personal Data. What applications process it, where it has come from, where it is stores and what the end-to-end processing is that touches it.

The GDPMS uses a unique approach called a "Data Collection Campaign" in which the business needs to define a number of criteria to answer the questions that a regulator will need to know (if audited) about the Personal Data processing. It also ensures that every item of concern is considered and addressed.

Once this process has been completed, all the documents by way of Data Subject Notices are automatically generated, we call these "Collection Statements' and they are integrated into your processing or project, together with any Data Protection Impact Assessments or Legitimate Interest Assessments, which all become a matter of the Processing Record of fact.

This simple process allows the business to maintain and monitor its compliance against the use of its Personal Data, and in the event of a Data Breach, the GDPMS will use this information to identify reporting channels and the effort that is going to be required to comply with all the necessary laws that the data breach will be subject to. And, it's rarely a single law.

The Data Flow Map Builder and Application Register together with legal Agreements, Collection Statements and all necessary elements of the Data Life-Cycle are captured and then displayed in a graphical form that is easily understood by users.

Be the First to Know... Visit & Subscribe to our BLOG

Contact Us

This form is for general inquiries. If you are emailing about an existing case regarding a client that we represent, please reply to any of the email communications that you may have received from us about your matter. If you want to lodge a data subject request with a client that we represent, please visit the Data Subject Request form. You will need to know the Membership ID of the company that you would like to service your request. This information must be published on the contact page of our members website and in their Privacy Policy or Collection Statement.

If you wish to lodge a Data Subject Request regarding our service, our GDPMS ID is UK440000. Only use this code if the request is to be handled by us, that is information we have about you. If you would like to read our Privacy Policy and Collection Statement.










Maizieres Les Metz


Cirie TO



United Kingdom

71-75 Shelton Street

Covent Garden


+44 20 7442-5785

(207) 442-5785

United States

Suite 3377

304 S. Jones BLVD

Las Vegas NV 89107

+1 85 5577-8682

(US/Canada Toll-Free)








Full Service Regions


PO Box 834


NSW 2057

+61 4 6621-2726

(04) 6621-2726

Collection Statement & Privacy PolicyWebsite Cookie Policy | Support Desk

© 2010 - 2019 SPTG LLC, GDPR Forensic Limited. All rights reserved.

Data Protection*Services and are Trademarks of GDPR Forensic Limited (UK) and associated companies.

All prices on this website are EUR/EURO "€" unless otherwise stated.

The star logo and the DPO and CA seals are Trademarks of GDPR Forensic Limited,

unauthorised use is prohibited.