The evidence behind your advice.
Captured as it happens.
Privacy advice is re-litigated long after it's given. Ghost is the contemporaneous record underneath — the lawful basis, the legitimate interest test, the DPIA sign-off, the identity verification standard — written down at the moment it was true.
EU-hosted · Append-only audit log · No privileged content stored. Counsel's files stay counsel's files.

The counsel workflow
Receive. Analyse. Sign off in record. Defend years later.
Counsel reads the proposal, asks the right questions, writes the memo. The risk is that eighteen months later the LIA is in a shared drive, the DPIA sign-off email is buried in an inbox, and the identity verification standard applied to the request that triggered the complaint is a matter of someone's memory. Ghost writes the operational facts down at the moment they're true.
Step 01
Receive
The processing proposal, the request, or the incident lands in a workspace beside the inventory. The activity is already there as a record; counsel reads in context.
Step 02
Analyse against facts
Lawful basis under Article 6. Article 9 condition where special categories apply. Legitimate interest balancing test against the activity. DPIA screening under Article 35. Each is a record, not an email.
Step 03
Sign off in the record
The LIA, the DPIA, the activity update — timestamped sign-off captured against the reviewer who made it. The advice itself stays in the legal repository; the operational decision is on the record.
Step 04
Reconstruct on demand
Eighteen months later, the LIA you ran in March is still legible — version, sign-off, facts at the time. The complaint, the regulator query, the litigation: the contemporaneous record is already written down.
Lawful basis and LIAs
Tested at the moment. Legible years later.
Each processing activity records its Article 6 lawful basis and, where Article 9 applies, the additional condition. Legitimate Interest Assessments are structured against purpose, necessity, and balancing tests, attached to the activity, and timestamped on sign-off.
- Article 6 lawful basis per activity
- Article 9 conditions on special-category processing
- Structured LIAs tied to the activity
- Timestamped sign-off in the audit log

Identity verification and DSAR handling
The verification standard applied — on the record.
The Privacy Request Manager records the intake source, the identity verification standard applied, the deadline against Articles 12 and 15, the redaction decisions taken, and the delivery audit. When a complaint or regulator query arrives months later, the verification standard that was actually applied is captured.
- Intake source captured per case
- Identity verification standard recorded
- Article 12 / 15 deadline tracking
- Manual + AI-assisted redaction with rationale

Article 30 register and audit log
The activity you advised on — still addressable years later.
The ROPA is structured around Article 30, with templates, gap analysis, annual review reminders, and PDF/Excel export. The activity counsel advised on three reviews ago is still addressable as a record, with its version history intact. The audit log captures operational facts — not legal advice.
- Article 30 register with version history
- Annual review reminders per activity
- PDF / Excel export for board and regulator
- Append-only operational audit log

See it end to end
A short walk-through of the workspace.
Redaction, privacy requests, and the audit log — in about three minutes.
What counsel asks us first
Three questions every in-house privacy lawyer raises.
“Does this touch privileged content?”
No. Ghost stores the operational record. The advice itself — memos, external counsel correspondence — stays in the legal repository under your privilege regime. The surface is clean by design.
“Can I evidence Article 5(2) from this?”
That's what Ghost is built for. Activities, LIAs, DPIAs, DSAR audit logs, breach records — each a timestamped, append-only artefact that maps directly to the accountability obligation.
“What about US regimes?”
Configurable deadlines per intake form mean the same workspace runs a one-month GDPR clock alongside a 45-day CCPA window. The regime mapping is yours; Ghost holds the operational surface beneath.
Pricing
Plans for in-house counsel.
Start free. Bring legal, privacy, and ops into the same workspace when the programme matures.
Free
Build an LIA and run a request end-to-end before you commit.
- 1 active case
- Manual redaction (PDF, up to 5 pages/file)
- 10 redactions per month
- 1 Article 30 register entry
Solo DPO
For a single in-house counsel or fractional DPO running it all.
- Unlimited cases and redactions
- AI-assisted PII detection
- Full Compliance Hub (LIAs, DPIAs, breach, third-party)
- €39/mo billed annually (save 20%)
DPO Team
For legal, privacy, ops, and external counsel sharing the workspace.
- Up to 10 seats (€10/extra seat)
- Role-based access (Admin, Operator, Read-only)
- Configurable retention for legal-hold scenarios
- Outbound webhooks for SIEM / chat / ITSM
- €119/mo billed annually
Compare every feature on the full pricing page.
Advice is re-litigated. Make the record airtight.
Stand up the contemporaneous surface beneath the advice. 30-day free trial — no credit card, EU-hosted.
The regulatory landscape counsel advises across
The substantive framework is Regulation (EU) 2016/679 (GDPR) and, for UK-facing work, the UK GDPR alongside the Data Protection Act 2018. The provisions that most often produce advice work are Article 6 (lawful basis), Article 9 (special categories), Article 12 (one-month response deadline), Article 15 (right of access), Article 30 (records of processing), Article 33 (breach notification), Article 35 (DPIA), and Article 88 (employment context). Each has a documentary tail; Ghost keeps that tail attached to the record it relates to.
Supervisory authorities differ by jurisdiction. The ICO supervises the UK regime. The CNIL leads in France. The DPC is the lead authority for many large platforms established in Ireland. Counsel often advises across all three simultaneously. Ghost's outputs map to what each of these authorities expects to see when a controller's accountability under Article 5(2) is tested.
Where US regimes apply alongside — CCPA / CPRA in California and state regimes in Colorado, Virginia, Connecticut, and elsewhere — the 45-day default for US-style requests sits alongside the one-month GDPR default, configurable per intake form. Ghost does not provide legal advice; it provides the operational surface beneath the advice you're already giving.