Settings¶

Navigate to Settings > Organization > Account Details to manage your account name, address, and timezone.

Account Name

Your Dxtra workspace name. This is used internally and in system communications. Example: "Acme Corp Privacy"

Data Controller DID

Your unique Dxtra identifier. This is used for API calls and webhook integrations.

Address

Your organization's principal place of business (Address Line 1, Address Line 2, City, State/Region, Zip Code, Country). This appears in privacy notices and legal documents. Keep it current — regulators may require this for official correspondence.

Timezone

Select your organization's primary timezone (e.g., America/Los_Angeles). This affects how dates and times are displayed across Dxtra.

Navigate to Settings > Organization > Organization Details to configure your legal entity information, operating regions, industries, and contact details.

Legal Entity Name

Your official registered business name. This appears in privacy notices, assessments, and formal compliance documents. Should match your business registration.

Company Description

A brief description of what your organization does (50-200 words). Dxtra's AI generates an initial description based on your industries, which you can review and edit. Used in compliance documentation.

Operating Regions

Select all regions where your organization operates and processes personal data. Click the Operating Regions dropdown to open the region selector — you can expand continents, search for specific countries, or select individual states, provinces, or entire countries. Selected regions appear as color-coded jurisdiction chips (e.g., Europe, Asia, Americas) with country counts. The regions you select determine which regulatory frameworks Dxtra applies to your compliance program.

Operating Industries

Select the industry categories that describe your organization's primary business activities (e.g., Computing & Tablets, E-commerce, Financial Services, Healthcare). Search or browse the dropdown list. Dxtra uses these to generate relevant compliance documentation.

Company Officers

Add key officers in your organization (CEO, CTO, CFO, etc.). Officer names may appear in formal compliance documentation.

DPO Details

Enter your Data Protection Officer's name, email, and contact information. This information appears in privacy notices and is displayed in the Transparency Center's Help Center so data subjects can reach your DPO directly.

Websites

Enter your organization's website URL(s). These are referenced in transparency materials and public-facing compliance documents.

Navigate to Settings > Organization > Domain Management to register and verify web domains for use with embedded Dxtra widgets and Dxtra Tag Manager.

Register Your Domain

1. Enter your full domain including extension (e.g., mycompany.com or shop.mycompany.co.uk)
2. Click Save
3. Dxtra generates a unique DNS TXT record for verification

Verify Domain Ownership

To complete verification, add the generated TXT record as a DNS record at your domain registrar:

1. Log in to your domain registrar (e.g., GoDaddy, Cloudflare, Namecheap)
2. Navigate to your domain's DNS settings
3. Add a new TXT record with the host _dxtra-verification.[yourdomain] and the secret value provided by Dxtra
4. Save the record

Then return to Dxtra:

1. Click Request DNS Verification next to your domain
2. Dxtra checks for the TXT record and updates the verified status
3. A green checkmark indicates successful verification

The Registered Domains table shows each domain's TXT record name, verification status, last checked date, and secret value. You can trigger a manual verification check anytime.

Navigate to Settings > Organization > Branding to upload your logo and configure your brand colors. These appear in your Transparency Center and customer-facing materials.

Organization Logo

Upload your company's full-size logo. Used in transparency pages and compliance documents.

Organization Logomark

Upload a smaller version of your logo (icon or mark). Used in compact layouts and favicons.

Primary Color

Enter the hex code for your brand's primary color (e.g., #47C4E2). Used throughout your Transparency Center.

Secondary Color

Enter the hex code for your brand's secondary color (e.g., #19894E). Used for accents and highlights.

After uploading and setting colors, click Save. A confirmation appears: "Branding updated successfully!"

Navigate to Settings > Profile to manage your personal profile information and security preferences.

Avatar

Upload a profile picture. This appears next to your name in the application and in team communications.

Email Address

Your primary email for the Dxtra platform. Used for account access, password reset, and notifications. Should be an active email you monitor regularly.

Display Name

Your full name as it appears in the application. Example: "John Smith"

Password

Update your password anytime. Use a strong password (8+ characters, mixed case, numbers, symbols).

Navigate to Settings > Profile > Language to set your preferred language for the Dxtra interface.

Language Preference

Choose from 11 available languages: Auto-detect, Deutsch, English (UK), Español, Français, 日本語, 한국어, Português, Português Europeu, 简体中文, and 繁體中文. Auto-detect uses your browser's language setting.

Your language preference affects the interface labels and documentation displayed in Dxtra.

Navigate to Settings > Profile > Two-Step Authentication to protect your account with multi-factor authentication (also called two-factor authentication or 2FA).

Dxtra supports three methods:

Authenticator App (TOTP)

Use Google Authenticator, Microsoft Authenticator, Authy, 1Password, or similar. Scan the QR code with your app and enter the 6-digit verification code to confirm. Save your backup codes in a secure location.

SMS Verification

Receive 6-digit codes via text message to your phone. Requires a phone number on file.

Hardware Security Key

Use a USB security key (e.g., YubiKey) for maximum protection.

You can add multiple authentication methods for redundancy. If you lose access to one method, you can use another to regain access.

Navigate to Settings > Team & Security > Team to view and manage all team members.

Team Member Table

View all users in a table with these columns:

Invite New Member

Click New Member to open the invite modal. Enter the required fields — Name, Email, and Role (dropdown) — then send the invitation:

• Business Owner — Full administrative access to all settings and features. Can manage billing, invite team members, assign roles.
• Data Protection Officer (DPO) — Access to data privacy, compliance features, and oversight responsibilities. Can manage compliance documentation and data subject rights.
• Developer — Technical access for integrations and API management.
• Agency/Reseller — Partner-level access for managing client accounts.
• Auditor & Regulator — Read-only compliance and audit access.

Your team member will receive an invitation email. They can click the link to set up their account.

Enforce Two-Factor Authentication

Toggle at the top of the Team tab to require 2FA for all team members organization-wide. When enabled, every team member must configure 2FA before accessing the dashboard.

Resend Invites

If an invite is not accepted within 7 days, you can resend a reminder. After 30 days, invites expire.

Navigate to Settings > Team & Security > Security History to review a chronological audit log of security-related events.

The Security History table displays: - Action — Type of security event (login, password change, API key created, 2FA enabled, etc.) - Category — Classification of the event (authentication, authorization, data access, etc.) - Severity — Critical, High, Medium, or Low - Device ID — Identifier of the device used - IP Address — IP address from which the action originated - Timestamp — When the event occurred

Filter Options

Use the filters (Action, IP Address, User, API Key, Device) to investigate specific events. Use the Export button to download logs for compliance audits.

Regularly review your Security History for unusual activity — unexpected logins, API key changes, or permission modifications.

Navigate to Settings > Compliance & Documents > Compliance Framework to set your organization's standard compliance practices.

These defaults help populate Article 30 Records of Processing Activities and maintain consistent vendor oversight. Configure:

Data Subject Categories

Types of individuals whose data you process (customers, employees, vendors, etc.)

Cross-Border Transfers

Whether you transfer personal data outside your primary jurisdiction and to which regions.

Transfer Mechanism(s)

How you authorize cross-border transfers (Standard Contractual Clauses, Binding Corporate Rules, adequacy decisions, etc.)

Due Diligence Notes

Standard assessment criteria for evaluating data processor security.

Ongoing Monitoring Plan

Your standard approach to monitoring processor compliance.

Change Notification Policy

How processors must notify you of material changes.

After configuring these defaults, click Save Defaults to apply your changes. These appear automatically in new processing activities and vendor assessments.

Navigate to Settings > Compliance & Documents > Compliance to upload certifications and reports that demonstrate your organization's security compliance.

Use this tab to store compliance evidence such as SOC 2 reports, ISO 27001 certificates, penetration test results, or other security and compliance documentation. Uploaded documents serve as supporting evidence for audits and regulatory inquiries.

Navigate to Settings > Compliance & Documents > Documents to view and manage important documents related to your data controller responsibilities.

The Other Documents section is described as: "Other important documents related to the data controller including security policies and controls."

The Documents table shows:

Documents include auto-generated files (privacy notices, DPIAs, privacy labels), compliance certifications you've uploaded, and other regulatory documents.

Upload New Document

Click the Add New button to open the upload modal. Choose a file and optionally select:

• Mark as compliance certification — Tags the document as a compliance certification
• Mark as compliance report — Tags the document as a compliance report
• Publish as legal document — Makes the document available as a published legal document

Click Upload to save or Cancel to discard.

Download Data

Use the Download Dxtra Generated & Managed Data section to export all your data from Dxtra in a structured format.

Navigate to Settings > Billing > Your Plan to view your current subscription tier, pricing, and included features.

Plan Details

Shows your current plan (Start, Growth, Scale, or Enterprise), monthly cost, next payment date, and billing cycle.

Features

Lists included features such as: - Number of domains you can register - AI reassessments allowed per month - Supported languages (English + additional) - Data Subject ID limit - PII scans across cloud environments - Deployment assistance (Enterprise only)

Upgrade Plan

Click Upgrade Plan to access the Stripe billing portal and select a higher tier: - Start — $10/month — Small businesses - Growth — $25/month — Growing organizations - Scale — $100/month — Large organizations (up to 1M Data Subjects) - Enterprise — $1,000/month — Large businesses with custom needs and deployment support

You can upgrade anytime and will be charged the pro-rated difference. Downgrade anytime; the new plan takes effect at your next billing cycle.

Navigate to Settings > Billing > Payment Methods to manage your payment cards.

Add Payment Method

Add a new credit or debit card.

Set Default Card

Choose which card is used for automatic billing.

Remove Card

Delete cards you no longer use.

Your payment information is processed securely through Stripe and never stored in Dxtra's systems.

Navigate to Settings > Billing > Billing History to view all past invoices.

The Billing History table shows: - Date — Invoice issue date - Description — Billing description (e.g., "Dxtra Monthly Subscription") - Amount — Invoice amount - Status — Paid, Pending, or Failed

View Receipt

Click the action button next to any invoice to download a PDF receipt for accounting records.

Invoices are sent automatically to your registered email address each billing cycle.

Navigate to Settings > Communication Preferences > General to control notifications for general account activity.

Each notification type shows its name and description. Toggle each type on or off:

Account Safety Requests

Receive alerts for security concerns (unusual login location, suspicious activity, etc.)

Account Status Updates

Get informed about account status changes (plan changes, subscription renewal, etc.)

Daily Summary

Receive a daily activity summary of your Dxtra account

Data Processor Updates

Get informed about changes to registered data processors (new processor, processor details updated)

Single Sign-On Activity

Notifications for SSO login attempts and changes

Team Settings Changes

Alerts when team settings are modified (member invited, role changed, etc.)

Unusual Account Activity

Receive alerts for suspicious activity that may indicate a security issue

Navigate to Settings > Communication Preferences > Compliance to configure notifications specific to compliance events.

Policy Updates

Notify when privacy notices or policies are updated

Audit Logs

Notify of significant audit log entries

Data Subject Rights Requests

Notify when new data subject rights requests are received and when responses are due

DPA Agreement Changes

Notify when Data Processing Agreements are updated or DPA expiration approaches

Security Incident Alerts

Notify of data breaches or security incidents

Frequency

For each notification type, choose: - Immediate — Email sent immediately when the event occurs - Daily Digest — One email per day with all notifications from that type - Weekly Digest — One email per week with all notifications

Navigate to Settings > Communication Preferences > API & Product to manage notifications related to API activity and product updates.

API Error Alerts

Receive alerts when API calls fail or return errors

Feature Updates

Stay informed about new product features and improvements

Integration Issues

Notifications when integrations fail or encounter problems

Webhook Failure Alerts

Receive alerts when webhooks fail to deliver successfully

Service Uptime Reports

Receive reports on Dxtra service status and any downtime

Each type has an individual toggle so you can enable only the alerts relevant to your role.