After both parties sign the NDA, vendors provide our privacy assessors with access to the product and send documentation such as our data questionnaire, privacy policies, sample contract, and test logins. These materials are used to complete the manual assessment.
We then use a series of proxy and web traffic analysis tools to complete the technical assessment, depending on the environment, to reveal the third parties receiving data from the product.
Based on the findings of the manual and technical assessment, our privacy assessors will work with you to resolve any emergent privacy or security gaps to bring your product into compliance.
The initial assessment process can usually be completed within a month.