Last updated: 2026-04-06
Guide
GDPR Compliance Setup¶
Configure GDPR compliance in Dxtra: processing activities, consent management, and privacy notices.
Time Estimate
30 minutes | Basic administrative skills required
Overview¶
| Step | Time | Task |
|---|---|---|
| 1 | 5 min | Organization setup |
| 2 | 10 min | Processing activities |
| 3 | 10 min | Consent management |
| 4 | 5 min | Verification |
Step 1: Organization Setup¶
Configure your data controller profile in the dashboard.
In Settings > Organization:
- Enter your legal entity name and registration number
- Add Data Protection Officer contact (required if you meet GDPR Article 37 criteria)
- List your data processing locations
Checklist:
- Legal entity information complete
- DPO designated (if required)
- Processing locations listed
See: Organization Setup
Step 2: Processing Activities¶
Document your Article 30 record of processing activities.
In Dashboard > Purposes:
- Add each data processing purpose (e.g., website analytics, email marketing, order processing)
- Assign the legal basis for each:
- Consent - Marketing emails, cookies, newsletters
- Contract - Order processing, account management
- Legitimate Interest - Security monitoring, fraud prevention
- Set data retention periods
- Document any international data transfers
Checklist:
- All processing purposes documented
- Legal bases assigned
- Retention periods set
- International transfers mapped (if applicable)
See: Processing Activities | GDPR Article 30
Step 3: Consent Management¶
Deploy consent collection on your website.
Create Privacy Notice¶
- Go to Notices & Policies in the dashboard
- Generate a privacy notice using the template
- Customize for your processing activities
- Publish to your website
See: Privacy Notice Publishing
Configure Consent Collection¶
- Go to Consents in the dashboard
- Configure consent categories matching your processing purposes
- Generate and deploy the consent banner widget
- Test the consent flow on your website
Checklist:
- Privacy notice published
- Consent banner deployed
- Consent categories match processing purposes
- Withdrawal mechanism functional
See: Consent Management | Widget Embedding
Step 4: Verification¶
Review your compliance status.
In Dashboard > Assurance:
- Review the compliance score
- Address any flagged issues
- Verify each requirement:
GDPR Requirements Checklist:
- Article 30 Record - Processing activities documented
- Article 13/14 - Privacy notice published and accessible
- Article 7 - Consent collection functional with withdrawal option
- Article 15-22 - Rights request portal available (Transparency Center)
- Article 37 - DPO contact published (if applicable)
See: Assurance Dashboard
Next Steps¶
This Week¶
- Test a data subject rights request via the Transparency Center
- Connect platform integrations: Integrations Overview
- Review team access: Access Controls
Ongoing¶
- Monthly compliance score review
- Update processing activities when business changes
- Monitor and respond to data subject requests
Related Documentation¶
- GDPR Compliance - Detailed regulatory requirements
- Rights Requests - Managing data subject requests
- Training Materials - Staff compliance training