COMPASS

GDPR obligations,
reconciled against proof.

Compass reads what GDPR requires of your workspace and reconciles each obligation against the verifiable receipts your work already produces. You see which obligations are met with evidence, which you've only asserted, and which are still a gap — in one screen.

The Article 30 register →Live in Dekimu Hub · Pro feature

EVERY ANSWER CARRIES ITS PROVENANCE

Compass is a provenanced projection, not a pass/fail score. Each obligation is marked by how it is backed.

Evidence

Backed by an independently verifiable receipt your workspace minted — the strongest claim Compass makes.

Asserted

Backed by information you provided. True if your input is true; Compass does not re-verify it.

Gap

Not yet recorded. Compass tells you exactly which receipt would close it.

WHAT IT TRACKS

GDPR v1 maps the obligations that apply to most EU workspaces. Each row reconciles against your recorded activity.

LAWFUL BASIS

A lawful basis recorded for each processing purpose (Art. 6).

SUBJECT RIGHTS

A path to honour access, rectification, erasure, and portability requests (Arts. 15–22).

PRIVACY NOTICE

A published notice covering what you collect and why (Arts. 13–14).

PURPOSE LIMITATION

Processing tied to the purpose it was collected for (Art. 5).

RETENTION

A retention period set per data category, and data actually purged when it expires (Art. 5).

DPIA

A data-protection impact assessment where processing is high-risk (Art. 35).

Coverage is shown as a fraction — obligations met over obligations that apply to you — never as a guarantee of compliance.

REGULATION YOU CAN RE-RUN

Compass does not hard-code its rules in app logic. Each regulation is written in an executable specification, compiled to a signed, reproducible runtime.

  • The rule that decides whether an obligation is met is the regulation, expressed as code — auditable, versioned, and citable to its source article.
  • Because the runtime is signed and deterministic, the same inputs always produce the same result — so a coverage report can be reproduced and checked, not just trusted.
  • When a regulation changes, the specification changes; the engine does not need rewriting.

WHAT COMPASS GIVES YOU

  • A live map of which GDPR obligations your workspace currently meets with evidence.
  • The exact receipt that would close each open gap, with a direct route to record it.
  • An export your auditor or DPO can check independently, not a number from a black box.

Compass reflects what your workspace has recorded. It is only as complete as the activity and information you put into it.

WHAT IT IS NOT

  • It is not a certification, an audit, or a guarantee that you are compliant.
  • It does not give legal advice — legal review is recommended for your specific situation.
  • A green obligation means a receipt exists, not that a regulator has accepted it.
  • It covers the processing your Hub workspace records, not processing that happens outside it.

FAQ

What is Compass?

Compass is a GDPR compliance engine inside Dekimu Hub. It reconciles the obligations GDPR places on your workspace against the verifiable receipts your work produces, and marks each one as backed by evidence, asserted, or an open gap.

Does Compass make my business GDPR compliant?

No. Compass shows which obligations your workspace currently meets with evidence and which are still gaps. It is a working tool, not a certification, audit, or legal advice. Compliance remains your responsibility, and legal review is recommended.

What does a verifiable receipt mean here?

Many actions in Dekimu Hub mint a signed, independently checkable record — for example a recorded consent, a completed erasure, or a data-protection impact assessment. Compass reads these receipts as evidence that an obligation is met, rather than relying on a self-assessment checkbox.

Which GDPR obligations does Compass track?

GDPR v1 covers lawful basis (Art. 6), data-subject rights (Arts. 15–22), the privacy notice (Arts. 13–14), purpose limitation and retention (Art. 5), and data-protection impact assessments (Art. 35). Each is reconciled against your recorded activity.

How is Compass kept current with the law?

Each regulation is written as an executable specification and compiled into a signed, reproducible runtime. When a rule changes, the specification changes rather than the application code, and the same inputs always reproduce the same coverage result.

Where do I find Compass?

Compass runs inside Dekimu Hub at app.dekimu.com as a Pro feature. This page is a public explainer; the live tool is in the gated dashboard.

REFERENCES

Compass is a compliance-management tool, not a law firm. It does not provide legal advice and does not certify compliance. It reflects the activity and information recorded in your workspace; you remain responsible for the accuracy and completeness of that record.