Our Zero Trust data
Privacy aware protection for personal data assets
Privacy1’s Zero Trust technology gives you privacy management and state of the art data security in a single solution. We allow you to apply controls to the data where it lives, shifting your defensive focus from the network edge to the valuable data assets you need to protect.
This data centric approach allows you to allow access to the sensitive personal data only for specific legal purposes, approved systems, pipelines and people and have immediate control from your privacy and legal team to suspend or revoke access.
"we apply privacy aware security to the data asset itself"
"We stop data breaches"
Hackers and organised crime are getting more and more advanced at getting inside your perimeter security through constantly changing vulnerabilities, whilst the business wants a more open technical environment to allow for working from home and BYOD. So, in this environment how can Privacy1 stop data breaches?
External and internal bad actors rely on two things once they have “broken in” and able to transition your networks from entry point to their target. That they can avoid application security by accessing the data technically in the infrastructure and, that the data is stored in “clear text” format.
"Clear Text" means just plain human readable text, so the data is easy to steal to hold you to ransom or sell on the black market.
How we help solve the different types of data breach
With the data elements encrypted and smart locked, even if a hacker breaches your perimeter tiers to the back office the data is unreadable
Because data elements are only unlocked for specific purposes systems in the processing moment. Batch data downloads by staff are impossible
IT, DevOps, Marketing...
cannot mistakenly view personal data even when they have direct access to infrastructure. They can only use data aligned to their processing purpose
"bad actors rely on two things once they have "broken in"
Avoid application security
Data assets are in clear text
How we help you protect your data
Attacks are made on organisations because it’s profitable to do so, because the “asset”, your sensitive data, is valuable, and it is readily used once stolen. Privacy1 locks and scrambles the data at the data level, it’s no longer stored or flowing as “clear text”.
When the data is scrambled like this, the hacker cannot read the information, and if they do try to steal data it will be unreadable making the effort not worth their while.
The Privacy1 solution encases your sensitive data in 4 shells of protection. We use multiple access keys, entitlement controls and two levels of privacy aware controls: by processing purpose and by data subject consent
These controls not only stop intentional malicious breaches, they also stop unintentional breaches and leaks like developers from “happening upon” personal data.
We make sure only the right teams, applications, processing, 3rd parties and data pipelines can access personal data, stopping internal, unintentional or opportunistic breaches as well.
We provide end to end privacy
We help you protect the whole data lifecycle from creation to deletion. As new users are created, new data is collected Privacy1 applies the encryption, pseudonymisation and entitlement policies you set.
As the data is stored, processed and shared, Privacy1 protects the data from improper uses, inadvertent and malicious access and rogue 3rd parties, when data subjects exercise their rights the data can be automatically suspended or deleted without operational overhead.
We give you back control of 3rd parties
When you share, store, process data with 3rd parties the safety of that data has been secured by trust in your vendors and underpinned by contracts. With the EU’s Schrems II ruling, European companies now do not have valid protections of EU citizens data when processing with US vendors.
Many companies are now faced with bringing data back out of the US cloud storage and app vendors back to vendors with the EU. For many, this is expensive, risky and threatens business continuity.
Using Privacy1’s Zero Trust platform allows you, the data controller, to apply appropriate protection at the data level for each vendor you use, giving you the ability to suspend or revoke processing at the drop of a hat and enforce your contractual clauses.
Schrems II and avoiding the business impact of repatriating your data back to the EU
As a data controller able to enforce this level of protection you can revoke access to your data for a specific 3rd party if they give you cause for concern, revoke or suspend access to data belonging to a specific data subject or set access only for specific processing purposes.
In this way you can apply the same protections on EU citizen data that you would normally have expected from the processor, enforce your standard contractural clauses and show a defensible position to any EU data regulator
Rather than just document your personal data use, we help you manage your personal data assets. We allow you to enforce your data protection policies across data flows, apps and 3rd parties automatically, we automate the DSAR process, remove manual overhead and human error, reduce costs and risks and improve efficiency and build a better trusted brand.
Data Pseudonymisation and encryption
Using Privacy1 all your personal data is pseudonymised and encrypted with multiple privacy aware security keys. This means that you can apply a zero trust strategy to your data assets rather than depend on perimeter defences. This allows you to control access to personal data to only those parties and systems that are approved and have the correct processing purpose.
Privacy integration for legacy to cloud
Regardless of whether you have modern cloud-based applications or older in-house technology our integration SDK's will enable your systems to take advantage of our privacy aware security controls without rebuilding the stack. We are also downloadable from Amazon and Google Clouds
Customer Rights Portal
Privacy1 provides a customer portal "Privacy Manager" which helps you build trust with your customers by being transparent about the data you have, the purposes that you use it. The portal allows you to give consent control back to your users and allow them an easy way to exercise their privacy rights, allowing you to be seen as a trusted brand.