PDPL core
Data Protection
Run PDPL privacy operations from data mapping to audit-ready evidence.
- RoPA, DPIA, DSAR, notices, and breach workflows
- MPTC-ready timelines and evidence trails
- Continuous monitoring across privacy obligations
One Platform.Made Simple.Built for Trust.
Privexus helps teams govern Data Protection Risks, Data Governance, AI Governance and stay compliant with confidence in Cambodia.
Data Protection,
Risk Management,
Policy Control,
Real-time Insights
Dashboard
EN
Good evening, Privexus
Operational viewExecutive view Add New
Models
1
Vendors
0
Policies
5
Task radar
Overdue8
Due5
Upcoming3
Incident status
4
Open: 0Investigating: 1Resolved: 0Closed: 3Archived: 0
Evidence coverage
0%
0 files across 1 models
Use case & framework risks
No risks identified
Vendor risks
1
Critical: 0High: 0Medium: 1Low: 0Unknown: 0
Model risks
3
Critical: 0High: 1Medium: 2Low: 0Unknown: 0
Recent use cases
No use cases created yet
Recent activity
Vendor onboarding review completed
2 hours ago
Policy exception approved
Yesterday
Model risk assessment submitted
3 days ago
Incident response workflow updated
6 days ago
0Governance areas
0Assessment types
0Uptime SLA
0Breach response
Compliance and governance areas we support
PDPL
Data Governance
Cybersecurity
AI Governance
Platform
Five connected areasEverything you need in one platform
Five connected areas for Cambodia teams: PDPL data protection, data governance, cybersecurity controls, inventories, and AI governance.
Data Governance
Catalog data assets, classify PDPL sensitivity, assign stewards, monitor quality, and enforce policies.
- Data catalog and domain coverage
- PDPL classifications and stewardship
- Data quality, policy violations, and cross-module impact
ISMS controls
Cybersecurity
Track security-oriented controls and evidence tied to technical measures, incidents, and ISMS readiness.
- Risk-aware control language and technical measures
- Incident and security evidence alignment
- ISMS / Cybersecurity module support
Source records
Inventories
Keep source records for assets, suppliers, customers, and AI-enabled systems.
- Asset, supplier, and customer registers
- Ownership, residency, DPA, and risk fields
- Coverage that links into RoPA and assessments
Responsible AI
AI Governance
Register AI systems, models, datasets, vendors, assessments, maturity, and responsible AI evidence.
- AI system and model inventory
- AIIA, AGIA, AIA, FRIA, and vendor intake flows
- Maturity scoring and AI incident evidence
One operating model connects PDPL workflows, governed data assets, cybersecurity controls, source inventories, and AI risk evidence.
View platform plansHow it works
From data mapping to audit-ready evidence in four steps.
Start with a single module and expand as your program matures. Every step produces documentation and evidence aligned to PDPL.
01
Map
Build your Records of Processing Activities, asset inventories, and vendor registers with guided templates.
02
Assess
Run DPIAs, vendor risk reviews, and AI impact assessments with structured scoring and reviewer workflows.
03
Govern
Set policies, assign stewards, manage data quality, and monitor controls across all modules.
04
Report
Generate audit packs, export evidence, and maintain a real-time compliance dashboard for regulators.
Security
Governance controls built into every workflow.
Protect sensitive records with role-based access, immutable audit trails, and configurable retention policies.
PDPL controlsCybersecurity mappedData residency
Trust center overview
Evidence, policies, and access history remain available for audits with export-ready controls.
99.9%
uptime SLA
256-bit
encryption
24/7
monitoring
Audit trail
Every change is logged with owner, timestamp, and evidence.
Access governance
Role based access with approval flows and activity monitoring.
Data controls
Retention, deletion, and residency settings aligned to policy.
Secure by default workflows
Policies, access, and evidence are enforced within every module.
Testimonials
Trusted by compliance teams across Cambodia.
Organizations of every size use Privexus to manage privacy, governance, and AI risk.
"Privexus cut our PDPL readiness timeline from six months to six weeks. The structured assessments and evidence trails made our first regulator conversation effortless."
CL
Compliance Lead
Regional Financial Institution
"We evaluated several platforms and Privexus was the only one built for Cambodia's PDPL from day one. The Khmer language support and local context made adoption immediate."
DP
Data Protection Officer
National Healthcare Provider
"The AI Governance module gave us a clear picture of our algorithmic risk exposure. We went from scattered spreadsheets to a single source of truth in under a month."
HO
Head of Risk
Technology Enterprise
Pricing
Plans built for privacy teams at every scale.
Start with PDPL essentials, then add Data Governance, Cybersecurity, and AI Governance as your program expands.
Startups
$39/mo
$470/yr billed annually
Start with PDPL essentials and core data protection workflows.
1 admin / 1 collaborator seats
ROPA + DPIA assessments
Basic DSAR management
PDPL data protection core
ROPA Agent access
PDF export
Email support (next day)
SME
$119/mo
$1430/yr billed annually
Scale privacy, data governance, and AI governance across teams.
2 admin / 5 collaborator seats
Full Data Protection Hub
Data Governance module
All 9 DP assessments
Vendor risk management
Basic AI governance
ROPA Agent workflows
PDF, DOCX, XLSX export
Cybersecurity add-on ready
Priority email + onboarding
Corporate
$319/mo
$3830/yr billed annually
Enterprise controls for governance, cybersecurity, and AI programs.
5 admin / 15 collaborator seats
Full platform access
Data Protection + Data Governance
Cybersecurity / ISMS included
All 16 assessment types
Full AI governance
SSO + advanced RBAC
ROPA Agents + PETS Guard
API access
Dedicated success manager
Custom framework config
Payments secured by ABA PayWay — KHQR & ABA PAY accepted
Compare all features Any Questions
See how Privexus streamlines privacy operations.
Tell us about your compliance program and we will tailor the walkthrough to your workflows.
No credit card requiredGuided onboardingLive training
FAQ
Answers to common privacy compliance questions.
Still need details? Our team can walk through data residency, onboarding, and security controls.
Privexus is Cambodia's first enterprise privacy, compliance, and AI governance platform. It is built for Data Protection Officers, compliance managers, CISOs, legal teams, and IT governance professionals in organizations of all sizes, from startups preparing for their first compliance program to enterprises managing complex multi-framework obligations. If your organization collects, processes, or stores personal data, Privexus gives you the tools to manage that responsibility in one place.
Most teams complete their initial setup within a few days. Privexus provides a guided quick-start wizard that walks you through creating your first Records of Processing Activities (ROPA), setting up your organizational structure, and configuring your compliance frameworks. You do not need to complete everything at once. Start with the module that matters most to your organization and expand from there as your program matures.
Yes. Privexus is modular by design. Many organizations begin with a single module, typically Data Mapping (ROPA) or Assessments, and add AI Governance, Vendor Risk Management, Breach Management, or Monitoring as their compliance needs grow. Your data, configurations, and audit history carry forward seamlessly as you expand.
Privexus is purpose-built around Cambodia's Personal Data Protection Law (PDPL) as its primary framework. The platform organizes day-to-day work across Data Protection, Data Governance, Cybersecurity, and AI Governance so teams can manage evidence, risk, and accountability from one place.
The platform maps directly to the PDPL's requirements. This includes Records of Processing, lawful basis management, Personal Data Impact Assessments, breach notification with 72-hour countdown timers to MPTC, cross-border transfer management, and full data subject rights handling. Every workflow produces the documentation and evidence trail that MPTC may require during inspections.
Privexus supports 16 assessment types across data protection and AI governance. On the data protection side: Privacy Impact Assessment (PIA), Privacy by Design (PBD), Legitimate Interest Assessment (LIA), Data Protection Impact Assessment (DPIA), Transfer Impact Assessment (TIA), Vendor Risk Assessment, IT Asset Assessment, AI Act Conformity Assessment, and a configurable Generic Assessment. On the AI governance side: AI Impact Assessment (AIIA), Fundamental Rights Impact Assessment (FRIA), Algorithmic Impact Assessment (AIA), Ethics Assessment, AI Act Conformity Assessment, Agentic Impact Assessment (AgIA), and Vendor Intake Assessment. Each assessment uses a guided wizard with scoring, reviewer workflows, evidence attachment, and PDF or Word export.
The AI Governance module provides a complete lifecycle management system for your organization's AI and machine learning systems. You can register every AI system with its risk classification aligned to the EU AI Act, maintain a model registry tracking architecture, training data, performance benchmarks, and bias testing results, catalog all datasets used for training and validation, and manage third-party AI vendor relationships. The module includes a maturity assessment covering seven dimensions, from governance and risk management to ethics and transparency, with gap analysis and recommended actions at each maturity level.
Privexus currently operates with infrastructure in Singapore (cloud hosting and analytics) and Cambodia (email delivery and customer support). We are committed to full migration to Cambodia-based infrastructure as local data center capacity becomes available, ensuring complete in-country data residency. All data is encrypted with TLS 1.2+ in transit and AES-256 at rest, with role-based access controls and a complete audit trail on every action.
The Breach Management module guides your team through the entire incident lifecycle, from detection and severity classification through investigation, notification, remediation, and post-incident review. When a breach is logged, the platform starts a 72-hour countdown timer aligned with PDPL requirements for MPTC notification. It generates the required notification forms, helps you assess risk to data subjects' rights, manages data subject notification if required, tracks root cause analysis, and records lessons learned. Every action is timestamped in the audit trail for regulatory evidence.
Yes. Privexus supports bulk import of processing activities, vendor records, asset inventories, customer records, and risk registers from CSV and Excel formats. The import wizard includes column mapping, validation with error reporting, and template downloads so you can prepare your data before import. You do not lose your existing compliance work. You bring it into a structured, auditable system.
We offer guided demos and pilot programs tailored to your organization's compliance needs and size. Our team will walk you through the platform using your actual use cases so you can evaluate it in context, not with generic sample data. Contact us to schedule a demo or discuss a pilot program.
Every Privexus customer receives onboarding assistance, platform training, and ongoing support from our Phnom Penh-based team. We respond to all inquiries within one business day. For enterprise customers, we offer dedicated account management, custom framework configuration, and priority support with SLA guarantees.