Meet every DSR deadline. Without the spreadsheet.
Automated DSR intake, routing, verification, and fulfilment with a full ODPC audit trail. Handle access, erasure, portability, and rectification at scale - no spreadsheet required.
Why this matters
Built for your compliance outcomes
Stay ahead of the deadline
SLA clock starts from intake
- Countdown starts at submission
- Escalation alert at 5 days
- Breach alert fires before deadline
- ODPC-format timeline export
Any request type
All 6 DSR types supported
- Access, erasure, portability, rectification
- Restriction and objection workflows
- Type-specific guided fulfilment
- Partial fulfilment with explanation
Compliant verification
Verify without over-collecting
- Upload-based identity verification
- Clock pauses during verification
- Maker-checker review available
- Proportional - no over-collection
ODPC audit trail
One-click ODPC log export
- Immutable request-by-request log
- Action history with timestamps
- Operator and approver records
- CSV and structured PDF export
Features
Everything you need, nothing you don't
Request Intake Portal
Branded self-service portal where subjects submit requests via web form or email. Multi-channel intake supported.
Automated Routing
Requests routed to the right team based on type, business unit, and data location. No manual triage.
Identity Verification
Configurable verification workflow - document upload or manual review - proportional to the request, with the SLA clock paused.
SLA Countdown
Visible countdown with team escalation alerts at configurable thresholds. Deadline never sneaks up on you.
Fulfilment Workflow
Step-by-step guided workflow for each request type, including data search, retrieval, redaction, and response packaging.
ODPC Audit Export
Export your complete DSR log in ODPC-compliant format at any time - CSV or structured PDF for inspections.
DPA alignment
Every feature maps to a DPA section
Dira is built from the Act, not retrofitted to it. Here's exactly how each capability addresses your Kenya DPA 2019 obligations.
| Product Feature | DPA 2019 Section | What it fulfils |
|---|---|---|
| Access request intake | s.26(1) | Receive and process requests for copies of personal data held about the subject |
| Response timeline enforcement | s.26(5) | Meet the prescribed response period without undue delay |
| Identity verification | s.26(2) | Verify identity before disclosure without requesting more data than necessary |
| Erasure processing | s.40 | Assess erasure grounds and process right-to-erasure requests with documented reasoning |
| Data portability export | s.38 | Provide data in structured, machine-readable format to the subject or another controller |
| Rectification workflow | s.40(1) | Accept and process requests to correct inaccurate or incomplete personal data |
How it works
Step-by-step workflow
Subject submits request
Via self-service portal, email, or API. Dira captures all metadata and starts the SLA countdown clock immediately.
Identity verified
Dira routes a verification request to the appropriate team. Clock pauses during verification - compliant with DPA proportionality requirements.
Request fulfilled
Step-by-step guided workflow for the request type. Team retrieves, redacts, and packages data. Maker-checker review available.
Subject notified, log closed
Data subject receives their response. ODPC-format record created automatically. SLA clock closes. Audit trail complete.
FAQ
Common questions
What is the DSR deadline under Kenya DPA 2019?
What request types am I required to handle?
Can I refuse a data subject request?
What if I cannot identify the requestor?
Start using DSR Automation today
30-day free trial. No credit card required. Full access to all Data Privacy products from day one.