Introducing

FLOWZ
Flowz is a web-based tool that provides a solution to record the information
around your organisation, helping you to become GDPR Compliant.
Competitive PricingBook a FREE Web Demo

Introducing

FLOWZ

Flowz is a cloud-based tool that provides a solution to record the information
around your organisation, helping you to become GDPR Compliant.

Competitive PricingBook a Free Web Demo

Learn More About Flowz

Flowz is a web-based tool for registering information assets and recording all flows of information an organisation uses to perform its business functions

Based on the ISO27005 approach to information risk management and now redesigned for the new General Data Protection Regulation (GDPR), Flowz allows the organisation to record all of its information, whether it is at rest or flowing through a business process.

Flowz allows you to record your information assets, person by person, team by team and department by department, mapped to your fully configurable hierarchy, providing you with a realistic, up to date view of the information assets your organisation holds.  Additionally, you can record and risk assess all the flows of data from that asset, be it via email, post or direct electronic transfer, with information asset owners and administrators approving those flows

Countdown to GDPR : Are you ready ?

Day(s)

:

Hour(s)

:

Minute(s)

:

Second(s)

“With the new GDPR regulation which will apply from 25 May 2018 requires organisations to monitor how and why personal data is processed. Flowz is a web based manual data entry tool that allows the recording of this information and makes a calculated risk score to evaluate and manage the risks within an organisation.”

“Recital 82: In order to demonstrate compliance with this Regulation, the controller or processor should maintain records of processing activities under its responsibility. Each controller and processor should be obliged to cooperate with the supervisory authority and make those records, on request, available to it, so that it might serve for monitoring those processing operations.”

Benefits

Flowz enables compliance with GDPR by allowing organisations to:

A

Support or deliver GDPR information asset requirements

  • Article 30: records of processing
  • Article 28: management of processors
  • Article 32: security of processing
  • Articles 5-9: Processing principles and lawfulness of processing
  • Identifying where contracts (Article 28(3)) and sharing agreements (Article 26) are required
  • Article Identifying flows outside the EEA/Approved countries (Article 30/44-47)
  • Identifying flows which could be pseudonymised (Article 4)
  • A valid and up to date risk assessment programme for all Information Assets and flows
A

Significantly reduce the risk of fines

A

ASSIST WITH ISO 27001 AND ISO 27005 COMPLIANCE

  • Delegated management of information assets and business processes
  • Identifying where contracts and sharing agreements are required
  • Recording supporting assets such as software and hardware
A

SUPPORT DATA PROTECTION OFFICER (DPO) IN PROVIDING ASSURANCE (ARTICLE 39)

  • Identification, review and approval of use of data requiring a Data Privacy Impact Assessment (DPIA)
  • Monitoring of compliance with the regulation
  • Ability to immediately provide evidence for the supervisory authority as requested
  • Assists responses to data subjects on use of their data (drill down dashboard for Information Assets
  • Enables significant assurance reporting to the Board
A

PROVIDE BOARDS WITH ASSURANCE THAT INFORMATION ASSETS ARE APPROPRIATELY MANAGED

  • Reporting and dashboard provides assurance that information assets are accounted for by organisational hierarchy
  • Distributed ownership of information assets
  • Delegated ownership of information risk reporting
  • Helps to identify those information assets you didn’t know you had
  • Ensures information asset management and flow mapping becomes a valuable resource rather than a costly annual exercise
A

Reduce the on-going cost of managing information flows and assets through a simple browser-based interface

Get Compliant

  1. Select a subscription and pay
  2. Create and Manage Assets and Flows
  3. Customise menus to suit your organisation
  4. View and report on your information risk

These 4 simple steps will start to build your compliance with GDPR.

How does it work?

PRICING

Always know what you’ll pay.

ESSENTIALS

BUSINESS

PREMIUM BUSINESS

ENTERPRISE

Essentials is designed for small businesses which, due to the categories of special categories of data they process (GDPR article 9), get caught up with the GDPR article 30 (5) requirement to maintain records of processing. We have in mind doctors, dentists, small charities that focus on health care. This version only records the minimum information necessary to satisfy article 30, but includes linkages to article 32.

As Essentials, plus the Business subscription is designed for larger businesses, which may have greater risks and what to see the risk indicator values that are generated from the attributes of their data processing. They may also be small organisations for whom personal data processing is core to their operation, or specialist businesses that process special categories of data because it is fundamental to their objectives. These organisations may voluntarily maintain records of processing because it is good practice, rather than only because it is required by law.

As Business, but in addition the Premium Business subscription is designed for larger organisations, typically public-sector or having more than 250 employees. They have a statutory duty to maintain records or processing and want to understand their risk exposure, which is presented back to them through the dashboards and reporting. These might also be smaller regional government organisation, charities, smaller health bodies and the like. These organisations can be dynamic environments, and this version allows changing of organisational structure and staffing without re-entering data.

As Business Premium, plus the Enterprise version can accommodate the needs of larger and more complex organisations. These might have multiple business units and processing activities that may be siloed or spread across multiple organisations in multiple locations, including multi-national. The system allows different rule sets to be applied, such that an operation in one country or industrial sector, might have different risk values and rules to another.

£100 annually

£10 monthly

Max 10 Assets

Unlimited Users

Unlimited Flows

Records of processing (Article 30)

Standard Hierarchy

Social and local sign-on

Role Based Access Controls - Built-in

Email Support

£500 annually

£50 monthly

Max 100 Assets

Unlimited Users

Unlimited Flows

Records of processing and fixed risk indicator

Standard Hierarchy

Social and local sign-on

Role Based Access Controls - Built-in

Email Support

£2500 annually

£250 monthly

Max 500 Assets

Unlimited Users

Unlimited Flows

Records of processing and adjustable risk indicator

Standard Hierarchy

Social and local sign-on

Role Based Access Controls - Customisable

Email Support

Customisable labels and language

POA*
Pricing based on number of legal entities

Unlimited Assets

Unlimited Users

Unlimited Flows

Records of processing and adjustable risk indicator

Nested corporate business units and shared assets across organisational sub-units

Social and local sign-on and active directory integration LDAP, SAML

Role Based Access Controls - Customisable

Email Support

System migration support

Customisable labels and language

Customisable metadata

Want to become a Reseller of Flowz?

If you have customers you know will benefit from using Flowz, please contact mark.jones@flowz.co.uk to discuss becoming a Flowz Reseller.