Our software:
GDPR Features

It’s important for organisations to choose a provider that makes every effort to protect customer data. Satisfying compliance is an on-going process, many organisations cannot adequately manage their assets with traditional manual processes – Assemble offers a powerful set of features and functionality to make the process easier.


How we help

The regulatory landscape is changing and we built Assemble with that in mind – take advantage of security and privacy features that are built into Assemble. Whether you’re someone responsible for compliance, a decision-maker considering Assemble or a current Assemble user seeking clarification, find out how we help with identifying, managing and safeguarding your data.


Working together


Assemble works with its customers to keep their data secure.


Assemble lets you configure and use your account in ways that help assist with your organisation’s GDPR compliance efforts. Broken down into four key areas – we show you how Assemble offers a range of features that can help address requirements of the GDPR.


An important step towards GDPR compliance is understanding what data you have and where it resides. Assemble provides you with complete control, making it easier to quickly locate and identify the personal data you collect across your organisation.

With Assemble, you can:

  • Search - Every person, message, application, and document in Assemble is archived, indexed, and available through search, making the past easily referenceable. Assemble also indexes the content of every file so you can search within PDFs, Word documents, and more.
  • Filter - Refine and limit the data you're looking for based on a specific criteria.
  • Centralisation - Feature rich platform to help keep data and processes together in one place; incorporate recruiting, scheduling, document management, communication and reporting efforts in one central location.


The GDPR provides data subjects with more control over how their personal data is collected and used. In order to satisfy obligations to data subjects, it’s important to govern how personal data is used and accessed.

With Assemble, you can:

  • Include Consent - Display custom privacy notices and request and obtain consent where personal data is collected.
  • Update - Amend inaccurate or incomplete personal data (Self-service functionality also exists for volunteers to update personal information).
  • Export - Meet data subject access/portability requests by using Assemble data export capabilities.
  • Archive - Automatically archive and anonymise data after storage retention limits have been triggered.
  • Data erasure - Based on parameters set by customers, Assemble will retain data accordingly before they begin to be processed for deletion.
  • Pseudo-anonymise - Sensitive information is never stored against an identifiable individual. Data is collected but this key is never exposed to any user of the system.
  • Restrict - Lock role profiles during the application process to ensure recruiting teams adhere to data minimisation.


The GDPR requires that organisations incorporate data privacy and protection principles into their products. As part of our Information Security Management System (ISMS), Assemble is developed to incorporate privacy-by-design and privacy-by-default methodologies.

With Assemble, you can:

  • Manage user identities - Sign in as a user and easily manage your team and data from a single access point.
  • Role based permissions - Group together a set of privileges that limit access to data and the tasks that can be performed by a given user via security roles and hierarchy levels.
  • Two-factor authentication - Optional security feature which adds an extra layer of protection to user accounts. Users are required to input a six-digit security code to sign in or connect a new device.
  • Access - Temporarily grant, pause and restrict user access to the system.
  • Data centres - ISO27001 accredited data centres store all customer data in the EU.
  • Transparent Data Encryption - To protect personal data in transit and at rest.


The GDPR sets new standards in transparency, accountability, and record-keeping. Organisations will need to demonstrate how they handle personal data and actively maintain documentation defining processes and use of personal data.

With Assemble, you can:

  • Track and record - Touchpoints let you record changes to personal data providing a history of activity.
  • Audit trail - Automatic tracking of when and how volunteer data was obtained.
  • Transparent communication - Trackable team and volunteer communication.
  • User logs - Track the date and time of user logins, password reminder requests and successful/failed two-factor authentication attempts.
  • Consent - Prove when and how consent was obtained when collecting personal data.

Looking for more information?

If you have any further questions, feel free to reach out to us

Contact us



Please note that this information is intended to provide helpful guidance to customers on the GDPR and not as a solution or legal advice. We encourage each organisation to undertake their own steps to ensure compliance.