About Us

ICONFIRM is a Norwegian start-up dedicated to privacy. We continuously develop functionality that simplifies compliance with GDPR.

 The ICONFIRM solution makes it easy to get started without costing you too much, either in time or money, so employees can focus on their own core activities.

The solution allows organizations to have a step-by-step approach tailored to the level of ambition they want. For example, the solution has templates with sample texts on privacy policy, privacy statements, confidentiality statements etc. for inspiration, where the customer can make the final customization for his company.

SVEIN HANSEN, Board Member

Our Team

We have the knowledge

Our technology, your safety

Our Partners

Iconfirm makes it easy for a person to request access and makes it easy for the business to process the request.

Should the authorities want information, the company is always ready to document compliance.


The most asked questions

By using the ICONFIRM tool, the business can easily:

  • Ensure effective communication with customers, employees or business partners regarding the privacy and use of personal data.
  • Inform the end user about the purpose of the data processing and other required information.
  • Obtain consent and restrict data processing until consent is obtained
  • Verify the identity of the end user.
  • Allow the end user to request data access, erasure or other rights through the Privacy Portal
  • Effectively manage rights requests
  • Collect and structure all documentation related to privacy, system registers, data processing agreements, purposes, legal bases, consents, security documentation, incident register.

Advanced and flexible data processing with secure data processing  

  • Segregate personal identifiers from other data and document 'pseudonymization'
  • Manage data flow between systems and subcontractors including notifications
  • Manage interaction with subcontractors in relation to the rights of end-users (rectification, deletion, transparency etc).

Organisations process data differently depending on what category of Data Subject it is. Iconfirm describes these activities in documents/forms called Processing definitions. A processing definition describes the various aspects of data processing, including:

  • What data is collected?
  • Retention period
  • The legal bases
  • The specific privacy statement
  • Relevant consents
  • What kind of authentication is required from the data subject?
  • Other documentation such as risk assessments and balances of interest

Most companies have employees, customers, suppliers' employees, etc. There are completely different data that are processed for customers than for employees. Hence, there must be different privacy statements to fulfil the duty of information.

ICONFIRM makes it easy for your business to configure their various processing definition documents. The content is defined by the organisation itself, often in collaboration with legal counsel. As the data collected and processed must be kept to a minimum, different companies will have several processing definition documents depending on the purposes associated with the data processing. ICONFIRM makes the management of legal bases simple and intuitive for the responsible persons.

Yes. ICONFIRM can be integrated with, for example, the CRM system through our adapters or open APIs for seamless processing.

ICONFIRM can also be used to have structured data sharing between systems.

By using ICONFIRM you gain control over all aspects of consents.

  • Version management to ensure data integrity and document exactly what was informed and consented to by each individual.
  • Configure validity / erasure
  • Determine authentication requirements
  • Secure specific purpose descriptions with consent per purpose.
  • Ensure that there is valid consent before processing (e.g. by sending out newsletters/share data)
  • Synchronize consents across systems or activities

Personal data is stored in a special privacy Service, encrypted and with strict strict access control (correct authentication, role and organization. Each tennant has its unique encryption key. The privacy is embedded in the core design of the solution.

ICONFIRM can be used as a web interface where you log in directly to your site from iconfirm.eu. For larger companies, it may be appropriate to integrate ICONFIRM with their own systems. Configuring the system obviously depends on the complexity of the business and how you want to use the solution. For those who want a simple solution for obtaining consents and who do not have any CRM to integrate with, the system can be set up in a very short time using the Add-in adapter for Outlook so you do not have to be logged in on ICONFIRM to work. ICONFIRM can also notify you by e-mail if, for example, any deletion requests, access requests or rectifications have been received. The business should work with legal experts to prepare correct texts and descriptions.

All companies that process personal data can use ICONFIRM, regardless of the size of the company, the legal basis for the data processing and the number of persons for whom data has been registered. Remember the rights of the individuals are the same regardless of the size of the business and that it is the organizations that have the burden of proving compliance.

Once the personal information about the customer is registered in ICONFIRM, the customer has access to a Privacy portal where all rights are managed, including the ability to withdraw consents.

ICONFIRM has a good solution for documenting your different systems or the organizations with whom you share data. There is a lot of information that can be gathered in a structured way that provides a good overview as well as control to everyone and not just the IT personnel. Furthermore, you can configure the solutions to manage dataflow between systems.

In addition, you can make a link between the processing definition document and the system that helps you keep track of data, tasks, erasure, access requests etc.

User access can be granted directly, for example, to the system owner so that they can maintain security documentation etc. 

It is possible to provide in-depth information that provides a basis for protocol on processing activities that the business is obliged to have.

It is also possible to set up integration with the systems so that one can use ICONFIRM to distribute data. Using integration, tasks related to deletion etc can also be implemented via the API.

Furthermore, the system owner (or organization) can be notified of corrections/deletions, access requests etc. and these changes or activities are continuously logged. This provides a good overview across the value chain.

If the incident module in ICONFIRM is used, it can offer precise information to analyse the consequences of a breach.


en_GBEnglish (UK)
nb_NONorsk bokmål en_GBEnglish (UK)