I am trying to figure out if Seatable could be used as a GDPR-compliance software and a Governance, Risk, and Compliance Software. So far it seems a good fit, However, I have now stumbled on an issue I can’t get around.
Under the GDPR it is required that you have an overview of your data categories (eg. name, phone number, health information, etc), your data subjects (eg. customers, employees, etc.), and of course which systems and processes your make use of that information.
It is easy to map these things in one “one to many relationships”, eg. one system to multiple data categories using the linked records or multiple select. But you also have to map which Data subjects you have and which data categories are on each system. Eg System X has these data subjects with these corresponding data categories.
As an example see this screenshot where I am inside of a system editing which data subjects and data categories that system has.
I would rather not have different columns for each data subject, as this can vary over time.