Your DPA obligations, always visible and tracked to deadline
A central registry of every DPA 2019 obligation, mapped to your organisation. Deadline calendars, compliance scoring, and one-click ODPC audit reports - so you always know exactly where you stand.
Why this matters
Built for your compliance outcomes
Central obligation registry
Every DPA duty in one place
- All DPA 2019 obligations pre-loaded
- Mapped to your entity and sector
- Owner assigned per obligation
- Status tracked in real time
Deadline calendar
Every regulatory date in view
- ODPC registration renewals
- Consent review cycles
- DPIA re-assessment dates
- Vendor contract review reminders
Compliance score
Instant health-check on your posture
- Weighted compliance score per obligation
- Trend tracking over time
- Gap analysis with remediation steps
- Board-ready compliance summary
ODPC-ready reports
One click, ODPC-format export
- Structured report in ODPC format
- Incident history included
- Point-in-time snapshots
- PDF and structured data export
Features
Everything you need, nothing you don't
Obligation Registry
Pre-loaded registry of all Kenya DPA 2019 obligations, mapped to your sector, entity type, and processing activities.
Deadline Calendar
Integrated calendar showing all DPA deadlines, ODPC registration dates, and internally-set review cycles with reminders.
Compliance Scoring
Weighted compliance score per obligation area, with trend tracking and a gap analysis dashboard for remediation.
Evidence Locker
Attach evidence documents, policies, and records to each obligation. Organise your compliance evidence for audits.
ODPC Report Generator
One-click ODPC-format compliance report. Point-in-time snapshots for historic records. PDF and CSV export.
Team Accountability
Assign obligations to owners. Track completion. Escalate overdue items. Full maker-checker approval flow available.
DPA alignment
Every feature maps to a DPA section
Dira is built from the Act, not retrofitted to it. Here's exactly how each capability addresses your Kenya DPA 2019 obligations.
| Product Feature | DPA 2019 Section | What it fulfils |
|---|---|---|
| Obligation registry | s.25(1) | Maintains records of all processing activities as required by the accountability principle |
| ODPC registration tracking | Part III | Tracks registration and renewal obligations for data controllers and processors |
| Compliance scoring | s.25 | Demonstrates ongoing compliance through documented, measurable accountability measures |
| Deadline calendar | Various | Keeps all time-bound obligations under the Act visible and on schedule |
| Evidence locker | s.25(1)(e) | Documented record of the lawful basis and compliance measures for each processing activity |
| ODPC reports | s.25 | Exportable compliance record ready for ODPC inspection or subject access response |
How it works
Step-by-step workflow
Map your organisation
Tell Dira your entity type, sector, and key processing activities. Dira pre-populates your obligation registry.
Assign owners
Assign each compliance obligation to a team member. Set review cycles and deadline reminders.
Build evidence
Attach policies, records, and documentation to each obligation. Your evidence locker grows automatically as you work.
Monitor and report
Review your compliance score weekly. Generate ODPC-format reports on demand for audits, board reviews, or ODPC submissions.
FAQ
Common questions
Do I need to register with the ODPC?
What is the accountability principle?
How often should I review compliance?
What happens during an ODPC inspection?
Start using Compliance Management today
30-day free trial. No credit card required. Full access to all Data Privacy products from day one.