For practitioners

Resources

Free tools, statute-cited guides, comparison pages, and product updates for privacy and compliance teams — no email required to read or download.

Free tools Guides & articles Compare Product updates

Free tools

Interactive · no signup
Tool

DSAR deadline calculator

Compute the response deadline for a Data Subject Access Request across GDPR, CCPA/CPRA, VCDPA, CPA, and 100+ other privacy laws — with the statute citation that drives it.

Open calculator → Template

Free DPIA template (Word + Docs)

GDPR Article 35-aligned DPIA template with sections for processing description, necessity & proportionality, risk assessment, and mitigations. Editable in Word or Google Docs.

Download template →

Guides & articles

Long-form, statute-backed
Guide

DPIA vs PIA: differences explained

When each is required, what they contain, and how they differ under GDPR vs U.S. state laws — plus the workflow teams use in 2026.

Read guide → Checklist

CCPA deletion request checklist (2026)

Step-by-step checklist for handling a CCPA/CPRA right-to-delete request — verification, scope, exceptions, downstream propagation, and the 45-day timer.

Read checklist → Template

Sub-processor change notification template

A drop-in email + landing page template for notifying customers about a new sub-processor — and giving them the objection window your DPA requires.

Use template → Template

GDPR ROPA template (Article 30)

What a Record of Processing Activities actually requires, the SME-exemption myth, the six columns to track, and a copyable Markdown template you can drop into Notion or Sheets.

Read template → Guide

CCPA opt-out implementation guide

How to build a compliant Do Not Sell or Share flow — GPC signals, the 15-day fulfillment + 12-month no-reask rules, downstream service-provider obligations, and CPPA enforcement examples.

Read guide → Template

AI vendor risk assessment template

A GenAI-aware due-diligence scoring matrix — training-data exposure, prompt-injection, model versioning, RLHF data, and how it lines up with SR 11-7 and NIST AI RMF.

Use template →

Compare

Honest, sourced product comparisons
Compare

OneTrust vs Privacy Automated (2026)

How the platforms differ on automation depth, AI grounding, jurisdiction coverage, audit transparency, and price-per-outcome.

See comparison → Compare

Vanta vs Privacy Automated (2026)

Where SOC 2 / ISO automation ends and a privacy operating system begins — DSARs, DPIAs, vendor research, and statutory deadlines.

See comparison → Compare

DataGrail vs Privacy Automated (2026)

How the two privacy platforms compare on AI-grounded answers, DPIA coverage, and the underlying jurisdiction table.

See comparison →

Product updates

Shipped, in order
Updates

Changelog

What's shipped lately — new jurisdictions, AI improvements, integrations, and policy updates. Append-only and dated.

Read changelog → Reference

Trust architecture

The full technical & trust posture — RLS-enforced multi-tenancy, append-only audit, the jurisdiction table, AI grounding, and what we explicitly don't claim.

Read architecture → Reference

SOC 2 readiness

Anticipated audit scope, control coverage map, sub-service organizations, known gaps and remediation plan, and timing.

See readiness →