Seatable as a GDPR Compliance system - groups of linking

Moontime · January 26, 2023, 7:37am

I am trying to figure out if Seatable could be used as a GDPR-compliance software and a Governance, Risk, and Compliance Software. So far it seems a good fit, However, I have now stumbled on an issue I can’t get around.

Under the GDPR it is required that you have an overview of your data categories (eg. name, phone number, health information, etc), your data subjects (eg. customers, employees, etc.), and of course which systems and processes your make use of that information.

It is easy to map these things in one “one to many relationships”, eg. one system to multiple data categories using the linked records or multiple select. But you also have to map which Data subjects you have and which data categories are on each system. Eg System X has these data subjects with these corresponding data categories.

As an example see this screenshot where I am inside of a system editing which data subjects and data categories that system has.

I would rather not have different columns for each data subject, as this can vary over time.

cdb · January 30, 2023, 1:40pm

Sorry, I don’t understand your problem. Please describe what you want to achieve, what you already tried and where do you see any limitations.

Here is what I would do: you have all personal data categories in one table and all available categories in another table. Then you can link a “data subject” to every category or personal data that you want.

Moontime · January 31, 2023, 7:51am

I understand the confusion. Thank you for taking the time for assisting.

In your example you only map subjects to datacatagories, but not those subjects to the systems.

So the relationship I would need is a one to many to many, as in “one system” to “many subjects” which then independently links to “many types of data”.

Here is an illustration below (Forgive me my lack of drawing skills):