Data protection management on a grand scale (GDPR)

Our data protection management supports you in planning, implementing and documenting your data protection management in accordance with the EU General Data Protection Regulation. It uses the information already recorded in the MEDIA module, in which personal data and details of uses are queried and processed.

Request demo

Everything at a glance

Get a complete overview of who has and who hasn't given their consent to the use of images. Always keep track of the status of consent forms and rights of use as well as approved uses. Request consent from individuals by sending a personalised consent form via email directly from your module.

Automated GDPR processes

The data protection management of coconutbox supports you with automated processes to accelerate your workflow. Constant manual checking of consents or expiry dates is no longer necessary. For example, when revoking a GDPR consent (see article 7 of the GDPR), all corresponding images are immediately blocked in your system. If desired, they can also be deleted directly.

Search efficiently and find quickly

Experience speed and accuracy on a grand scale with our efficient search. Find images of people as well as projects and their links in the GDPR module by specifically entering individual parameters. Search for media for which the consent of use will expire in the future and ask for an extension by the person concerned via the system.


Time limit

Define your own time periods in which media are released for use and when corresponding data protection agreements are to be queried again.

Release management

Allow users to use only the media where all persons depicted have fully consented to the respective intended use.


With our API, it is also possible to connect to your third-party systems. This ensures that only data for which you have given your consent is stored there.

Internal and external

Even if pictured employees do not work in your company, you can create them with our data protection management, upload their declaration of consent easily and quickly and thus enable the use of the images.

Convenient management according to DSGVO guidelines

  • creation of individual GDPR projects
  • deposit of agreements
  • usage management
  • defining expiry times
  • automatic notifications
  • quick creation of reports

Check image rights and the corresponding permission or refusal of the persons depicted to use the media in real time. Define your own purposes of use as well as GDPR projects for better handling in conformity with the GDPR guidelines.

Practical example

The problem: images without rights of use

Ms Schmidt runs a medium-sized metal construction company. She recently had a new sales catalogue printed in which employees are also depicted working on the assembly line. Shortly after distributing the catalogues, she received a letter from a lawyer demanding the immediate withdrawal of the catalogues. A picture of an employee was reproduced without the consent of the person concerned. Ms Schmidt is now facing enormous costs.

The solution: GDPR compliant data storage

A cosmetics manufacturer organises a company shoot to create new images for its social media channels. During the shooting, all participants sign the privacy policy. After all pictures have been uploaded to the coconutbox, purposes of use can be defined.

The most important functions in the DSGVO module

Quick findability

Find media with specific people depicted quickly and easily.

Storage of all relevant information

Store all information relevant to the GDPR for a person Simply and digitally. Persons from outside the company can also be created and declared accordingly.

Managing agreements

Upload convieniently individual agreements and define their expiry times. Administrators are automatically informed about future expiring media and can promptly request an extension from the persons concerned.

Defining purposes

Assign global as well as project-related usage purposes. When an image is downloaded or sent, the respective proof of use is checked. The user must confirm that the medium may only be used for the approved topics.

Creating individual projects

Create time-limited projects with individual agreements on the validity and use of the associated media.

Creating GDPR reports

Users can retrieve information on when which image was used for which purpose and in which media a person is depicted.

The most important questions about the GDPR

How can I agree to the GDPR guidelines?

You will receive an invitation/notification by email to agree to the DSGVO guidelines for the coconutbox and the included media.

Can I also revoke my consent?

You can withdraw your consent at any time.

What happens if an employee who has consented to the use of his or her images is no longer with the company but has forgotten to revoke his or her consent?

In the DSGVO module, it can be set that as soon as an employee leaves the company and is thus also removed as a user, the consent is revoked.

What happens if the consent to store my data has expired?

The respective user will be asked/requested to agree to the GDPR guidelines again by e-mail.

Are there different uses such as social media, brochures, etc.?

The admin can specify different purposes.

For the GDPR module, can external users also be included for GDPR policy consent?

Yes, only the first and last name as well as the e-mail address of the desired external user are required for this.

nach oben