v1.2.2Last Updated: Apr 22, 2026

Guidance for DPOs and Privacy Teams

In a nutshell

What this document is: A guided navigation path for DPOs assessing Clawscan.

Why this matters: Helps quickly understand how data is processed, where it resides, and how responsibilities are structured.

When to use this: DPIA preparation, privacy questionnaires, vendor assessments.

---

Recommended reading path

Start with:

1. Security & Compliance Overview

Then review:

2. Data Processing Positioning
3. Architecture Overview
4. Data Flow Overview
5. Data Retention & Deletion
6. GDPR Positioning

---

Key points to validate

• Communication content remains within the client tenant
• No transfer of raw communication data to GOlegal
• Limited telemetry and derived data only
• Privacy-by-design approach
• Client-controlled scope and safeguards (incl. potential exclusion of private communications if required)

See:

• Trust Overview

---

Supporting documents

• Privacy Policy
• Data Processing Addendum (DPA)
• Subprocessors

---

Related topics

• AI Detection Model
• EU AI Act Positioning
• Workplace Monitoring Compliance