Privacy management · Early access

GDPR compliance you can actually show.

lumen.privacy unites records of processing, DPIAs, data subject rights, breach handling, cookie consent and training records in one system — with a compliance score, deadline countdowns and audit-ready PDF exports.

Facts, not buzzwords

Compliance with deadlines — not gut feeling

72 h
Breach notification deadline — as a countdown in the system (Art. 33)
30
Days for data subject requests — with countdown and ownership
9
Criteria in the DPIA threshold check — 2 or more make a DPIA required
1
Weighted compliance score across all modules — with trend and PDF report

Records of processing (Art. 30)

The register your authority wants to see

The central master record in lumen.privacy is the processing activity: captured via a 10-step wizard or from templates, released through a role-based approval workflow and exported at the click of a button as an Art. 30-compliant register.

  • 10-step wizard along the Art. 30 mandatory fields
  • Templates for a fast start
  • Approval workflow: submit, approve, reject, withdraw
  • Per-activity PDF and full register PDF
More on the register
Verarbeitungsverzeichnis in lumen.privacy mit allen Verarbeitungstätigkeiten

Dashboard & reports

Your compliance status as a number — not a feeling

The dashboard condenses all modules into a weighted compliance score with trend. Management summary, PDF report and data export make the status reportable — for leadership, audits and the supervisory authority.

  • Weighted compliance score across all modules
  • KPIs per module and a compliance trend over time
  • PDF report and data export at the click of a button
  • Tamper-evident log of all changes
Berichte in lumen.privacy mit Compliance-Trend und Management-Summary

Deadlines

72 hours. 30 days. The system counts along.

The two toughest GDPR deadlines run as countdowns in lumen.privacy: the 72-hour breach notification and the 30-day deadline for data subject requests. Ownership and linked tasks make sure nothing sits idle.

  • Breaches with severity, status and a 72-hour countdown (Art. 33/34)
  • Data subject requests with type and a 30-day countdown (Art. 15–22)
  • Clear ownership per case, tasks linked directly
  • Every step documented — provable, not retold
More on deadlines & cases
Datenpannen-Übersicht in lumen.privacy mit 72-Stunden-Countdown

Common questions

What DPOs ask us

  • Who is lumen.privacy for?
    For organisations with GDPR obligations — from small businesses to the mid-market — and for the people responsible for privacy there: internal and external DPOs, privacy coordinators and compliance owners.
  • Does lumen.privacy replace the DPO?
    No — and we don't claim it does. lumen.privacy is the tool DPOs and their teams use to structure, document and prove their work. DPO details are stored once and flow automatically into the PDF exports.
  • What does the system cover?
    Records of processing (Art. 30), processors and DPAs (Art. 28), DPIAs (Art. 35), data subject rights (Art. 15–22), breaches (Art. 33–34), consents (Art. 7), cookie consent (§ 25 TTDSG), privacy policy (Art. 13/14), TOMs (Art. 32) and training with certificates (Art. 39).
  • How does lumen.privacy relate to the other Lumen products?
    lumen.privacy is part of the Lumen suite. Account, organisation and licence run centrally through lumen.account — one login, shared master data. Privacy-specific data such as the DPO stays exclusively in lumen.privacy.
  • What does lumen.privacy cost?
    Three plans are planned — Starter, Pro and Enterprise — with a base price per organisation including seats. We publish final prices once approved; during early access, conditions are agreed individually.

Early access

Your privacy cockpit instead of Excel chaos

lumen.privacy is opening up to more organisations step by step. Request early access — in a demo we show how your records, deadlines and compliance score look in lumen.privacy.