GDPR · Optional add-on
Prove you take data protection seriously.
Your business already holds real personal data — bookings, staff records, CCTV. If a regulator, an insurer or a customer ever asks how you handle it, most small businesses have nothing to show. We build you the evidence.
What it is
A privacy accountability pack that lives on your laptop.
GDPR isn't optional because you're small. The accountability principle (Article 5(2)) expects you to be able to demonstrate compliance — not just claim it.
This is a self-contained pack — an interactive dashboard plus a set of controlled documents — that opens straight from a folder on your own computer. No server, no database, no subscription. It is not part of your public website: it's your internal evidence, and it goes a long way to proving accountability right across your business.
What's inside
Everything a small business needs to evidence GDPR — and nothing it doesn't.
Article 30 ROPA
A live record of every processing activity — lawful basis, data, retention, risk and status — the backbone of accountability.
Processor register
Who processes data on your behalf, the DPA or safeguard in place, and the international-transfer position for each.
Retention schedule
How long each category of data is kept and how it's disposed of — so nothing is held “just in case.”
Privacy notices
Article 13/14 notices for customers, staff and suppliers, ready to publish and issue.
LIA & DPIA screening
Legitimate-interests balancing tests and DPIA screening decisions, documented rather than assumed.
Breach & rights procedures
A 72-hour breach procedure and a subject-rights procedure, so you're not improvising under pressure.
Data protection policy
A plain-English internal policy your staff can actually follow, plus a folder-access standard.
Article 32 evidence
A technical verification report showing the security controls protecting the data are real and tested.
See it working
A live demo — click around it.
Below is a fully working pack for The Copper Still, a fictional Dublin gastropub. Every record and document is real and clickable — only the business is invented. This is exactly what yours would look like, filled in with your processing instead.
The Copper Still — GDPR Accountability Dashboard
Article 30 ROPA · governance actions · processors · retention · 17 controlled documents
A preview of the real pack — opens in a new tab, fully interactive, with all 17 documents.
Why us
Built by someone who does this for a living.
ProVibed is run by an IT security and audit professional — CISSP, CDPO, CISM, CISA. The websites we build have defence in depth at the core and GDPR embedded into the design from the first line, not bolted on before launch.
This pack is the same discipline, packaged so a small business can hold it, understand it, and stand over it. More about who's behind ProVibed →
Want it for your business?
The accountability pack is an optional extra alongside a ProVibed build. Tell us what you process and we'll show you what yours would look like.
Start a conversation