How Does It Work?
Vendor Assessments On Autopilot
Almost any businesses interact with numerous vendors and engage in myriad marketing activities. As a result, ensuring privacy compliance and managing associated risks is crucial. Our automated system simplifies this process, making it more efficient and accurate.
How the assessment is done?
We assess privacy and security risks and provide mitigation steps according to several factors. We are using NIST Privacy Framework, various academic research and FAIR Privacy risk framework.
The hoggoPassport™ Methodology
Our methodology for calculating a hoggo Trust Grade and any changes to it are published in this section, along with the version number, in order to provide transparency and allow you to compare our methodologies and practices.
Scope of Services
We’re assessing the type of services, roles, legal basis, categories of data subjects.
Processing Locations
We’re assessing the location of the service provider and its affiliates, together with processing location and transfer mechanisms.
Internal Privacy Practices
We’re assessing internal privacy-related policies, DSR procedures, DPO, certifications and retention periods.
3rd Party Transfers
We’re assessing location of third-parties, types, purposes, transfer mechanisms and legal measures.
Security Measures
We’re assessing IRP, breach notifications, and technical and organizational measures (TOMs).
Privacy/Legal Exposures
We’re assessing enquiry proceedings, legal actions, fines and data breaches.
Human-AI Collaboration
Privacy professionals and AI systems work together to achieve better results. A unique AI model is trained by privacy professionals and reviewed by them to automate privacy risk assessments.
Human-in-the-loop
Accuracy is not something we can compromise on. This is why every assessment process is accompanied by privacy professionals.
Data Collection
One task of our AI is to help us gather and analyze information regarding vendors' privacy practices from publicly available resources.
No Database Access
We don't access your databases, we don't collect or process personal data (other than your name and business email to sign-up), and we have industry-leading security measures.