We help privacy teams simplify records of processing

You handle data protection. We handle data mapping.

Simplify Article 30 & Records of Processing Compliance

Trusted by the Europe's leading privacy teams

Case Studies

Royal Irish Tours fulfilling requests 14x faster in only 60 days

We use a lot of spreadsheets, where we get caught up complicating our process, referencing ticketing systems, task lists, email threads, and homebrewed tools for tracking our data subject access requests... it just slows us down and kills efficency to focus on our core business. What's cool about Privacy Request is we're completely hands-off data subject requests now, and we get more efficent results. One of the biggest things is how they mapped to all our marketing tools that contain personal data, which is most of the work for Articles 12 - 21. A typical request used to take us over 14 days to complete, and with Privacy Request we fulfill them in under an hour. Not to mention, we only need 1 resource to track it. This is one of the best solutions out there.

Royal Irish Tours
Royal Irish Tours

Conor Duffy, VP Operations

Royal Irish Tours from 2 weeks to <1 day using the Privacy Request DSAR Portal

Royal Irish Tours from 2 weeks to <1 day using the Privacy Request DSAR Portal

ITelligent automated data inventory and reduced overhead by 100%

Data privacy is not our business. We have a large customer base in Spain, and could see our data subject requests slowly increasing. We're a small nimble team with an aggresive roadmap, and kept on getting impeded by these requests, that was taking high priority in our backlog. We were always finding new legacy applications based off our data subject requests. We were worried. We started working with Peter after hearing about Privacy Request. The results were great. He setup Privacy Request to crawl across our intranet, network, and SSO to find applications and devices that contain personal data. We have a real-time data map, and we dont need to reactively add new sources, or use up all our resources once a month. With an automated data mapping process, we are now able to confidently practice data minimization, make sure we're enforcing the right retention policies, and satisfy Article 6 and Article 30 for Records of Processing.


Mackenzie Brown, Chief Information Security Officer


No more tedious surveys & spreadsheets

Discover systems containing personal data in seconds, not weeks or months. Easily integrate into identity management, SSO, or procurement solutions. Free your team from emails or prioritizing extra work

Detect Shadow IT Systems & Automate System Inventory for Article 30
Detect Shadow IT Systems & Automate System Inventory for Article 30

Invite System Owners


Workflow based data mapping

Invite system owners to quickly connect their systems for data mapping. Remove the need of manual surveys & assessments.

Invite System Owners


Monitors changes in fields and systems

Integrate with cloud vendors to detect data field changes in only a few clicks. Live data map stays refreshed with data field additions or changes, so you don't need to worry.

Live System & Data Maps
Live System & Data Maps

Generate Reports & Data Maps for Records of Processing


Reduce the risk of hefty fines

Generate real-time, up-to-date records of processing. Automatically generate data lineage and cross-border maps.

Generate Reports & Data Maps for Records of Processing


No coding required

Pre-built integrations with over 100+ cloud vendors and systems. No coding required. Easily integrate your first-party or proprietary systems with web hooks for system monitoring. Plugs in with common Single Sign On providers.

API Integrations into popular vendors & Permissions
API Integrations into popular vendors & Permissions


Starting at

$500/month  $250/month

  • Streamlined Records of Processing
  • Automated System Discovery
  • Unlimited Systems & Vendors
  • First-Party System Monitoring
  • Monitor Data Field Additions & Changes
  • Unlimited System Owners
  • Unlimited Data Mapping
  • Unlimited Roles & Permissions
  • Integrations with SSO vendors
  • 100+ Pre-Built Integrations for Vendors
  • Unlimited Employee & Vendor Logins
  • Multiple Languages
  • Unlimited Compliance Reporting
  • Dedicated Account Manager
  • Unlimited Training & On-boarding
  • Demonstrate Compliance for GDPR & CCPA

Free 90-Day Trial

Leadership Team

Peter Barbosa

Peter Barbosa

Chief Executive Officer

Andrew Hartwig

Thomas Wilson

Chief Information Security Officer

Thomas Wilson

Andrew Hartwig

VP Engineering

Do less. Supercharge your data subject requests.

Let Privacy Request do the heavy lifting. We are on a mission to simplify compliance for our customers.


What regulations do you guys comply with?

We're purpose built for GDPR, and have expanded for CCPA, Nevada SB-220, and LGPD. We are leveraging several years of experience with the GDPR. We understand the challenges businesses will run into with DSARs. Our counsel works hard to monitor new privacy and data protection laws around the world so you have an expert to lean on.

How do you guys manage security vulnerabilities?

We perform penetration tests once every 3 months, and any issues are handled in less than 24 hours.

Where are your servers located?

Our servers are fully hosted on AWS located in the United Kingdom. We ensure that data is not transferred outside of the UK or EU.

What’s included with on-boarding?

Our on-boarding is a robust 90-day program to ensure your business is setup for the highest success with data subject request workflow. Throughout our white-glove on-boarding program we provide a dedicated privacy expert to your account, to ensure you see the benefits to your business. At the end of the 90-days, your data subject requests will be a breeze.

Do you guys also do data mapping?

Yes. We have multiple features to help you map data leveraging your internal network and identity platform. We will run a discovery across your business to help do a data discovery and map. After that, we provide companies to leverage our assessment tools to identify any missing gaps. We help find structured data sources, but also unstructured data: PST files, PDFs, CCTV footage, and more!

Will this integrate with my existing downstream systems?

We currently integrate with cloud systems commonly used across businesses. For new integrations, we typically can deploy within 24-48 hours. For in-house applications, we have connectors available with REST APIs for your applications to securely plug into.

How do you handle legacy systems with personal data?

For any legacy systems (such as CCTV), we record these systems in our inventory and track any tasks and resources towards that system. This will make sure you have an audit log at a system level.

Can I customize my request forms and consent portal?

Your customer-facing interface is 100% customizable. You can choose to host the form in your own environment, so branding stays consistent.

What kind of reporting do you have?

We deliver reports and audit logs directly on your secure portal. Our reports help you stay compliant and ready for any type of surprise. The different reports can vary from a breakdown of a particular data subject request for audit purposes, all the way to summarized reports of your privacy compliance organization-wide. In addition, the dashboard can be used for day-to-day reporting and insights.

What's your support like?

We provide a one-stop shop experience, providing you with a dedicated account manager focused on your data privacy and protection compliance. We hold your hand every step of the way ensuring you're getting the results you desire in your privacy program. In case of an audit, your account manager will be focused 100% on your account for any reporting needs. No questions asked. Our real business is you.