Product documentation

How EUAuditPack works today

EUAuditPack helps Indian SaaS teams assemble 12 privacy documents across public, customer-facing, and internal workflows. It is self-serve documentation software, and legal review is still recommended before external use.

Last updated: 2026-03-14

How does EUAuditPack work?

1

Create a project

Start on the free tier and open a project for the company, product, or workspace you need to document.

2

Complete the questionnaire

Capture company identity, cookies, vendors, security controls, and retention details with structured inputs.

3

Review readiness

See what is complete, what can be generated as a draft, and what still blocks verified export.

4

Generate and share

Download the pack in the supported formats and share only the documents appropriate for your audience.

What gets generated?

The current pack includes 3 public documents, 2 customer-facing documents, and 7 internal documents. Text documents export as PDF + DOCX, and the public Subprocessor List uses HTML + PDF.

External-facing documents

Public notices and lists you may publish once your verified export is ready.

Privacy NoticePDF + DOCX
Cookie PolicyPDF + DOCX
Subprocessor ListHTML + PDF

Customer-facing documents

Documents EU customers often request during procurement and security review.

Customer DPAPDF + DOCX
TOMs SummaryPDF + DOCX

Internal governance documents

Internal operating documents for privacy, retention, incidents, and assessment workflows.

Vendor RegisterPDF + DOCX
RoPAPDF + DOCX
Retention PolicyPDF + DOCX
DSR ProcedurePDF + DOCX
Incident ResponsePDF + DOCX
DPIA ScreeningPDF + DOCX
Compliance ChecklistPDF + DOCX

Which docs are public vs customer vs internal?

Public

Privacy Notice, Cookie Policy, and the public Subprocessor List are the externally publishable documents once verified.

Customer-facing

Customer DPA and TOMs Summary are intended for procurement and buyer review, not for a public website.

Internal

Vendor, RoPA, retention, DSR, incident, DPIA, and checklist outputs support internal governance and audit preparation.

What is the difference between draft and verified exports?

Questionnaire completion

Tracks how much of the visible questionnaire has been answered.

Draft export available

Lets you generate review materials even when advanced or verification-only inputs are still missing.

Verified export readiness

Blocks external-ready output until the missing factual inputs are resolved.

When should you regenerate the pack?

Vendor or subprocessor changes

Regenerate when your infrastructure, support, analytics, or payment vendors change.

Cookie or product changes

Regenerate when your cookie inventory, consent banner behavior, or product data uses change.

Policy and operational changes

Regenerate when retention schedules, security controls, privacy contacts, or processor activities change.

How should you share docs with EU customers?

Public documents

Use verified Privacy Notice, Cookie Policy, and public Subprocessor List outputs for your website or buyer trust center.

Customer-facing documents

Share the Customer DPA and TOMs Summary during procurement, security review, or contract negotiation.

Internal documents

Keep the Vendor Register, RoPA, retention, DSR, incident, DPIA, and checklist documents for internal governance and audit prep.

Verified outputs are the safer choice for public or buyer-facing use. Draft outputs are better treated as internal review material while you resolve blockers and confirm facts with your team.

Sources and references

Sample Pack

Current redacted sample generated from the live template pipeline.

Open Sample Pack

Pricing

Current plan differences for pack depth, export formats, and regeneration.

Open Pricing

FAQ

Current public answers about verified packs, formats, and incomplete inputs.

Open FAQ

Review the sample before you start

Download the redacted sample pack, then start a free project when you are ready to replace the sample answers with your own inputs.

Start Free View Sample Pack