Regulation (EU) 2016/679 · Applicable since May 2018

Framework

GDPR — built into every scan.

The General Data Protection Regulation sets the rules for how personal data is collected, processed and stored across the EU. GuardianAI maps all 99 articles against your documentation — detecting consent gaps, DPIA requirements, international transfer issues and more. Because the EU AI Act explicitly requires GDPR compliance.

Run a free GDPR scan See all frameworks
99
Articles covered
Art. 83
Maximum penalties
4%
of global revenue or €20M

What we check

Lawful basis & Consent

Maps Art. 6 lawful bases and Art. 7 consent mechanisms to your data processing documentation.

DPIA requirements

Detects when a Data Protection Impact Assessment (Art. 35) is required and whether one is documented.

International data transfers

Flags missing SCCs, adequacy decisions or Binding Corporate Rules for cross-border data flows.

What GuardianAI does

  • Maps data subject rights (Art. 15-22) — access, erasure, portability — to your policy documentation
  • Checks controller/processor contracts for mandatory Art. 28 clauses
  • Identifies gaps in privacy notices and records of processing activities (Art. 30)
Coming soon

Full clause guide coming soon

A full article-by-article GDPR guide — with exact obligations and how GuardianAI maps each one — is in progress.

Run a free GDPR scan