Frequently Asked Questions

No. EUAuditPack is self-serve documentation software. It helps you generate structured privacy documents, but it does not replace legal advice or lawyer review.

No. A generated pack can improve documentation readiness, but it does not guarantee GDPR compliance, security certification, or that your operational practices match the documents.

EUAuditPack is built for Indian SaaS teams selling to EU customers that need privacy documentation for procurement, due diligence, and internal privacy operations.

Yes. The questionnaire captures controller-side activities and processor-side activities so the generated pack can reflect customer-data processing scenarios more accurately.

Text documents export as PDF + DOCX. The public Subprocessor List supports HTML + PDF. Packs are delivered as a structured ZIP.

The current Pro pack includes 12 documents across public, customer-facing, and internal categories. That includes the Privacy Notice, Cookie Policy, public Subprocessor List, Customer DPA, TOMs Summary, Vendor Register, RoPA, Retention Policy, DSR Procedure, Incident Response, DPIA Screening, and Compliance Checklist.

Only the documents intended for public use should be published, and verified output is the safer choice for external sharing. Internal governance documents should stay internal, and customer-facing documents are typically shared during procurement rather than published publicly.

You can still generate draft output for review, but verified export is blocked until the missing factual inputs are completed. The app surfaces those blockers directly so you can resolve them.

A verified pack is a pack where the questionnaire and validation checks show that the required factual inputs for the relevant documents are complete. It is distinct from draft output, which is better suited for internal review.

Download the ZIP and share only the documents appropriate for the audience. Public notices can support your website or trust center, customer-facing documents can support procurement, and internal documents should usually remain internal.

Yes. Even verified output should be checked against your actual product, vendors, processing model, and legal position before you send it to a customer or publish it externally.