GDPR software | Records of Processing | DPIA | SAR Management

Flowz is a GDPR SaaS tool that produces:

  • Records of Processing (Article 30)
  • Linkages to Data Security (Article 32)
  • Recording expected erase (Article 30)
  • Assist with ISO27001 & ISO27005 compliance
  • Support Data Protection Officers (DPOs) in providing assurance (Article 39)
  • Provide Boards assurance that information risks are appropriately managed
  • Reduce the ongoing cost of managing information flows and assets through a simple, browser-based interface

Coming Soon:

  • Data Protection Impact Assessments (Article 35)
  • Subject Access Requests (Article 15)

Countdown to GDPR : Are you ready ?

Day(s)

:

Hour(s)

:

Minute(s)

:

Second(s)

“Recital 82: In order to demonstrate compliance with this Regulation, the controller or processor should maintain records of processing activities under its responsibility. Each controller and processor should be obliged to cooperate with the supervisory authority and make those records, on request, available to it, so that it might serve for monitoring those processing operations.”

Benefits
Flowz enables compliance with GDPR by allowing organisations to:
A

Support or deliver GDPR information asset requirements

  • Article 30: records of processing
  • Article 28: management of processors
  • Article 32: security of processing
  • Articles 5-9: Processing principles and lawfulness of processing
  • Identifying where contracts (Article 28(3)) and sharing agreements (Article 26) are required
  • Article Identifying flows outside the EEA/Approved countries (Article 30/44-47)
  • Identifying flows which could be pseudonymised (Article 4)
  • A valid and up to date risk assessment programme for all Information Assets and flows
A

Significantly reduce the risk of fines

A

ASSIST WITH ISO 27001 AND ISO 27005 COMPLIANCE

  • Delegated management of information assets and business processes
  • Identifying where contracts and sharing agreements are required
  • Recording supporting assets such as software and hardware
A

SUPPORT DATA PROTECTION OFFICER (DPO) IN PROVIDING ASSURANCE (ARTICLE 39)

  • Identification, review and approval of use of data requiring a Data Privacy Impact Assessment (DPIA)
  • Monitoring of compliance with the regulation
  • Ability to immediately provide evidence for the supervisory authority as requested
  • Assists responses to data subjects on use of their data (drill down dashboard for Information Assets
  • Enables significant assurance reporting to the Board
A

PROVIDE BOARDS WITH ASSURANCE THAT INFORMATION ASSETS ARE APPROPRIATELY MANAGED

  • Reporting and dashboard provides assurance that information assets are accounted for by organisational hierarchy
  • Distributed ownership of information assets
  • Delegated ownership of information risk reporting
  • Helps to identify those information assets you didn’t know you had
  • Ensures information asset management and flow mapping becomes a valuable resource rather than a costly annual exercise
A

Reduce the on-going cost of managing information flows and assets through a simple browser-based interface

Get Compliant
  1. Select a subscription and pay
  2. Create and Manage Assets and Flows
  3. Customise menus to suit your organisation
  4. View and report on your information risk

These 4 simple steps will start to build your compliance with GDPR.

How does it work?
PRICING

Always know what you’ll pay.

Essentials, Business & Premium Business versions offer full functionality, and are differentiated only by the number of assets each version is capable of recording.

When required, additional capacity can be added, in multiples of the original pack size, ie 10, 100, 500, at a rate of £500 per pack.

Enterprise does everything that the other versions do, but has 3 major differences

1 It has unlimited assets.
2 It is possible to break the relationship between parent and child asset and flow templates, allowing for different regulatory regimes to be present and reported through a single system, and for separation of roles so that role accountabilities can be wholly local and enterprise-wide.
3 It is possible to manage records of processing for multiple legal entities in a single system. There is a small additional subscription for each additional legal entity.

ESSENTIAL

£100 annually

£10 monthly

Max 10 Assets

Unlimited Flows

Unlimited users with and without system access

Risk rating and reporting

User-level role-based and legitimate relationship access controls

Complex organisational hierarchies

ISO27005 primary asset management templates

Business process and activity data exchange reporting

Data repository risk ownership and management

Flexible Deployment

API Integrations possible, including Single Sign-On

User password reset option

E-mail support

Regular user-group meetings

STANDARD

£500 annually

£50 monthly

Max 100 Assets

Unlimited Flows

Unlimited users with and without system access

Risk rating and reporting

User-level role-based and legitimate relationship access controls

Complex organisational hierarchies

ISO27005 primary asset management templates

Business process and activity data exchange reporting

Data repository risk ownership and management

Flexible Deployment

API Integrations possible, including Single Sign-On

User password reset option

E-mail support

Regular user-group meetings

PREMIUM

£2,500 annually

£250 monthly

Max 500 Assets

Unlimited Flows

Unlimited users with and without system access

Risk rating and reporting

User-level role-based and legitimate relationship access controls

Complex organisational hierarchies

ISO27005 primary asset management templates

Business process and activity data exchange reporting

Data repository risk ownership and management

Flexible Deployment

API Integrations possible, including Single Sign-On

User password reset option

E-mail support

Regular user-group meetings

ENTERPRISE

P.O.A.

Contact for proposal

Unlimited Assets

Unlimited Flows

Unlimited users with and without system access

Risk rating and reporting

User-level role-based and legitimate relationship access controls

Complex organisational hierarchies

ISO27005 primary asset management templates

Business process and activity data exchange reporting

Data repository risk ownership and management

Flexible Deployment

API Integrations possible, including Single Sign-On

User password reset option

E-mail support

Regular user-group meetings

INTEGRATION

Optional integration is available with e-discovery software solutions to automate data identification

PROFESSIONAL SERVICES

Flowz offer a full range of Professional Services should you need assistance during your system deployment, to complement your existing team or manage the whole project. Click here for more details

FLOWZ FEDERATED SINGLE SIGN-ON (SSO) SUPPORT

Through the use of open industry standards and specifications such as SAML 2.0, Flowz can leverage customers’ existing Single Sign-on solutions to manage access to our application.

Support includes SAML 2.0-compliant Federated SSO solutions such as Microsoft Active Directory Federation Services (ADFS) and Shibboleth.

Do you want to become an outsourced
Data Protection Officer (DPO)?

If you have customers you know will benefit from using Flowz, please contact mark.jones@flowz.co.uk to discuss becoming an outsourced DPO.