Data Protection Impact Assessments
Structured Article 35 compliance — from initial screening to DPO sign-off.
How it works
From screening to signed-off assessment
Screen the processing activity
Run the Art. 35(1) screening to determine if a DPIA is required. Clarium evaluates high-risk indicators (special category data, automated decisions, large-scale processing) against your processing description.
Assess necessity & risk
Document necessity and proportionality, identify risks to data subjects, and define mitigations. Risk matrix scores likelihood and severity for each identified risk.
DPO sign-off & records
Submit for DPO review with a structured sign-off workflow. All versions retained for the register with timestamps and reviewer identity.
What you get
Built for rigorous Article 35 compliance
Art. 35 screening
Automated high-risk indicator check against the processing description. Flags special category data, automated decision-making, and large-scale processing.
Risk matrix
Structured risk identification with likelihood × severity scoring. Track mitigations and residual risk per threat.
DPO sign-off workflow
Formal review and sign-off by the Data Protection Officer. Rejected DPIAs return to the assessor with annotated comments.
Version history
Every DPIA version retained permanently. Compare assessments over time and maintain a complete paper trail for regulators.
Be first to use the DPIA Module
The DPIA Module is coming Q3 2026 for Pro+ plans. Join the beta to get early access and shape the product.