{"title":"Enterprise \u0026 Platforms","description":"\u003cp\u003eDeployed to your own cloud — single-tenant, SSO, unlimited internal users, one price. The platforms that run a whole privacy, risk, or governance function on infrastructure you control.\u003c\/p\u003e","products":[{"product_id":"privacy-management-portal-extensible-self-hosted-governance-platform","title":"Privacy Management Portal — Extensible Self-Hosted Governance Platform","description":"\u003cp style=\"padding:12px 16px;background:#eef7fa;border-left:4px solid #1FA9C9;border-radius:6px;margin-bottom:16px\"\u003e\u003cstrong\u003e▶ Try it first:\u003c\/strong\u003e \u003ca href=\"\/pages\/privacy-portal-demo\"\u003eOpen the live interactive demo\u003c\/a\u003e — score a risk on the 5×5 matrix and watch it flow into the register.\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eA complete, self-hosted privacy governance platform — not a clone, and not a per-seat SaaS subscription.\u003c\/strong\u003e One extensible portal your team fully controls, tailorable to any organization (global or US), with a built-in regulatory register kept current to 2026.\u003c\/p\u003e\n\u003ch4\u003eModules included\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cstrong\u003eDashboard \u0026amp; Metrics\/KPIs\u003c\/strong\u003e — live program-health score, DSAR SLA, open incidents, high-risk counts, and charts.\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003eRegulatory Monitor\u003c\/strong\u003e — 27 laws seeded (EU\/UK GDPR, CCPA\/CPRA 2026, all ~20 US state laws, LGPD, PIPL, DPDP, and more) with applicability triage and review cadence.\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003ePrivacy Impact Assessments\u003c\/strong\u003e — conduct PIAs with automatic 5×5 inherent\/residual scoring; each risk syncs to the Risk Register and the activity to your RoPA.\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003eBreach Risk Assessments\u003c\/strong\u003e — 5×5 harm scoring that drives a 72-hour notification recommendation and syncs to the Risk Register.\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003eRisk Register, Data Inventory (RoPA), Rights Requests (DSAR), Vendor Risk, Incidents, Policies, Training\u003c\/strong\u003e — a consistent, exportable record engine across all.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003ch4\u003e100% tailorable\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRebrand instantly (name, logo, colors). Add your own modules — custom registers, HTML blocks, embeds, links — with no code.\u003c\/li\u003e\n\u003cli\u003eWire API connectors; export\/import the whole portal as JSON. Backend-agnostic by design.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003ch4\u003eDeploy anywhere\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRuns as a single self-contained file (no fonts, CDNs, or internet required), or deploy to \u003cstrong\u003eSharePoint, Azure, or Google Apps Script\u003c\/strong\u003e using the included deployment kit (per-record sync, Entra ID SSO, Power Automate\/Logic Apps automation, Key Vault secrets).\u003c\/li\u003e\n\u003cli\u003eSecurity-reviewed: URL-scheme sanitization, role-gated writes, server-side secret handling — full report included.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cem\u003ePlanning and governance aid, not legal advice. Verify the regulatory register against primary sources.\u003c\/em\u003e\u003c\/p\u003e","brand":"PrivOptic","offers":[{"title":"Web app + deployment kit","offer_id":44196988125287,"sku":"PO-PORTAL-001","price":499.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0677\/7788\/8359\/files\/portal-product-image.png?v=1783529868"},{"product_id":"third-party-risk-manager-self-hosted-tprm-platform-sso-api-connectors","title":"Third-Party Risk Manager — Self-Hosted TPRM Platform (SSO \/ API Connectors)","description":"\u003cp style=\"padding:12px 16px;background:#eef7fa;border-left:4px solid #1FA9C9;border-radius:6px;margin-bottom:16px\"\u003e\u003cstrong\u003e▶ Try it first:\u003c\/strong\u003e \u003ca href=\"\/pages\/tprm-demo\"\u003eOpen the live interactive demo\u003c\/a\u003e — add a vendor, score it on the 5×5 matrix, and watch it flow into the dashboard.\u003c\/p\u003e\n\u003cp style=\"padding:12px 16px;background:#eef7fa;border-left:4px solid #1FA9C9;border-radius:6px;margin-bottom:16px\"\u003e\u003cstrong\u003eVet every vendor, end to end.\u003c\/strong\u003e A complete third-party risk program in one self-hosted app — connect it to your risk feeds, tailor it to your org, and run vendor due diligence without a per-seat SaaS subscription.\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eA fully functional, self-hosted TPRM platform. Backend-agnostic, fully editable, and rebrandable — one portal your team controls end to end.\u003c\/strong\u003e\u003c\/p\u003e\n\u003ch4\u003eModules included\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cstrong\u003eDashboard \u0026amp; KPIs\u003c\/strong\u003e — vendor counts, critical-tier exposure, open findings, reviews due, and average residual risk.\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003eVendor Register\u003c\/strong\u003e — tier, region, data processed, business owner, status, and review cadence.\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003eRisk Assessments\u003c\/strong\u003e — inherent and residual scoring on a configurable 5×5 matrix with automatic ratings and a live heatmap.\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003eFindings \u0026amp; Remediation, Evidence \u0026amp; Documents\u003c\/strong\u003e — track issues to closure and SOC 2 \/ ISO \/ DPA artifacts to expiry.\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003eContinuous Monitoring\u003c\/strong\u003e — external security scores aggregated against your register.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003ch4\u003eConnect to any API\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eNative connector adapters for \u003cstrong\u003eUpGuard, SecurityScorecard, BitSight, and Whistic\u003c\/strong\u003e, plus a \u003cstrong\u003eGeneric REST\u003c\/strong\u003e adapter driven by a JSONPath field map — add any provider by cloning it.\u003c\/li\u003e\n\u003cli\u003eOne integration contract, server-side proxy in the deployment kit so API keys never touch the browser.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003ch4\u003eEnterprise access\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cstrong\u003eSSO \/ MFA\u003c\/strong\u003e via Okta, Microsoft Entra ID, or any SAML 2.0 \/ OIDC provider, with SCIM\/JIT provisioning and IdP group→role mapping (RBAC).\u003c\/li\u003e\n\u003cli\u003eSecrets held in your vault (Key Vault \/ AWS Secrets Manager). Deploy as a single file or to SharePoint \/ Azure \/ Google Apps Script via the included deployment kit.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003ch4\u003e100% tailorable\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRebrand instantly (name, logo, colors). Edit fields, tiers, and the risk matrix. Export\/import the whole program as JSON.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cem\u003eProgram-management aid, not legal advice. A security review is included; enforce authentication, authorization, and secret storage server-side in deployment.\u003c\/em\u003e\u003c\/p\u003e","brand":"PrivOptic","offers":[{"title":"Web app + deployment kit","offer_id":44198591823975,"sku":"PO-TPRM-001","price":499.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0677\/7788\/8359\/files\/tprm-platform.svg?v=1783546901"},{"product_id":"data-governance-manager-self-hosted-data-governance-platform-sso-api-connectors","title":"Data Governance Manager — Self-Hosted Data Governance Platform (SSO \/ API Connectors)","description":"\u003cp style=\"padding:12px 16px;background:#eef7fa;border-left:4px solid #1FA9C9;border-radius:6px;margin-bottom:16px\"\u003e\u003cstrong\u003e▶ Try it first:\u003c\/strong\u003e \u003ca href=\"\/pages\/data-governance-demo\"\u003eOpen the live interactive demo\u003c\/a\u003e — catalog a data asset, classify it, and watch the governance dashboard update.\u003c\/p\u003e\n\u003cp style=\"padding:12px 16px;background:#eef7fa;border-left:4px solid #1FA9C9;border-radius:6px;margin-bottom:16px\"\u003e\u003cstrong\u003eRun a documented, smooth data governance program.\u003c\/strong\u003e One self-hosted platform for your data catalog, stewardship, policies, and data quality — connect it to your data stack, tailor it to your org, no per-seat subscription.\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eA fully functional, self-hosted data governance platform. Backend-agnostic, fully editable, and rebrandable — everything your program needs in one portal your team controls.\u003c\/strong\u003e\u003c\/p\u003e\n\u003ch4\u003eModules included\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cstrong\u003eDashboard \u0026amp; KPIs\u003c\/strong\u003e — assets catalogued, percent classified, ownership coverage, active policies, average data-quality score, and open issues.\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003eData Catalog\u003c\/strong\u003e — assets with source system, domain, classification, PII flag, owner, steward, retention, and location.\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003eDomains \u0026amp; Stewardship\u003c\/strong\u003e — data domains with owners, stewards, and asset counts.\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003ePolicies \u0026amp; Standards, Business Glossary\u003c\/strong\u003e — a governed document register and a shared term dictionary.\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003eData Quality \u0026amp; Issues\u003c\/strong\u003e — rules by dimension with score-vs-threshold pass\/fail, and issue tracking to closure.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003ch4\u003eConnect to any API\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eNative connector adapters for \u003cstrong\u003eSnowflake, BigQuery, Databricks, Collibra, and Alation\u003c\/strong\u003e, plus a \u003cstrong\u003eGeneric REST\u003c\/strong\u003e adapter driven by a JSONPath map — add any source by cloning it.\u003c\/li\u003e\n\u003cli\u003eOne integration contract, server-side sync in the deployment kit so tokens never touch the browser.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003ch4\u003eEnterprise access\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cstrong\u003eSSO \/ MFA\u003c\/strong\u003e via Okta, Microsoft Entra ID, or any SAML 2.0 \/ OIDC provider, with SCIM\/JIT provisioning and IdP group→role mapping (RBAC).\u003c\/li\u003e\n\u003cli\u003eSecrets held in your vault (Key Vault \/ AWS Secrets Manager). Deploy as a single file or to SharePoint \/ Azure \/ Google Apps Script via the included deployment kit.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003ch4\u003e100% tailorable\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRebrand instantly (name, logo, colors). Edit the classification scheme, fields, and domains. Export\/import the whole program as JSON.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cem\u003eProgram-management aid, not legal advice. A security review is included; enforce authentication, authorization, and secret storage server-side in deployment.\u003c\/em\u003e\u003c\/p\u003e","brand":"PrivOptic","offers":[{"title":"Web app + deployment kit","offer_id":44198592282727,"sku":"PO-DG-001","price":499.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0677\/7788\/8359\/files\/data-governance-platform.svg?v=1783546846"},{"product_id":"privacy-program-health-suite-consultant-grade-assessment-risk-roadmap-platform-app-cloud-sync","title":"Privacy Program Health Suite — Consultant-Grade Assessment, Risk \u0026 Roadmap Platform (App + Cloud Sync)","description":"\u003cp\u003e▶ \u003cstrong\u003eTry it first:\u003c\/strong\u003e open the free interactive demo — run the full scope screener, answer one question per domain, and watch your program health and company risk score live in your browser. Nothing to install.\u003c\/p\u003e\n\u003cp\u003eAn entire privacy consulting engagement in a single file. The \u003cstrong\u003ePrivacy Program Health Suite\u003c\/strong\u003e takes any organization from \"how healthy is our privacy program?\" to a board-ready answer in one sitting — nine steps, four billable-grade artifacts, zero backend. Built by a working privacy practitioner who runs these engagements for real.\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eThe nine-step engagement:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cstrong\u003eScope screener\u003c\/strong\u003e — 12 plain-language questions map your footprint to GDPR, UK GDPR\/DUAA, CCPA\/CPRA, 20+ US state laws, HIPAA, India DPDP, PIPL, LGPD, transfer rules, the EU AI Act, minors' and employment provisions. Scope makes domains \u003cem\u003ecritical\u003c\/em\u003e, which reweights everything downstream.\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003e44-question maturity assessment\u003c\/strong\u003e across 11 domains — including AI \u0026amp; automated decision governance as a first-class domain.\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003eSystems, apps \u0026amp; platform module\u003c\/strong\u003e — score every system holding personal data against seven controls, weighted by data sensitivity and volume. \"Non-compliant · priority\" flags the dangerous quadrant: weak controls on high-exposure data.\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003eProgram health score\u003c\/strong\u003e (0–100 gauge) and a composite \u003cstrong\u003ecompany risk index\u003c\/strong\u003e with an auto-generated executive narrative naming the drivers.\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003eFramework crosswalk\u003c\/strong\u003e — every domain and finding mapped to HIPAA citations, NIST Privacy Framework categories, ISO\/IEC 27002:2022 controls, and SOC 2 Trust Services Criteria, so findings translate straight into your auditors' language.\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003e59 regime-specific compliance suggestions\u003c\/strong\u003e, each flagged where legal obligation meets program weakness.\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003eAuto-generated findings and a four-phase roadmap\u003c\/strong\u003e, foundations sequenced before dependents.\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003e5×5 risk register\u003c\/strong\u003e with heat map — seed it from weak domains and priority systems in one click.\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003ePrint-ready executive report\u003c\/strong\u003e compiling all of it.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eConnect anywhere:\u003c\/strong\u003e push and pull the full engagement state to infrastructure you already control — GitHub (versioned commits), Azure Blob, Amazon S3, Google Apps Script (backend script included), or any REST endpoint including Power Automate for SharePoint\/Teams. Credentials live in session memory only and are never written into save files.\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003ePrivacy architecture you can verify:\u003c\/strong\u003e one HTML file, runs in any browser on any OS, fully offline. No accounts, no telemetry, no cookies, no analytics — the tool contacts nothing until you configure a sync endpoint and click. It practices what it assesses, and the claim survives view-source.\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eIncludes:\u003c\/strong\u003e the suite (single-file web app), the Google Apps Script sync backend, a consultant methodology guide, and the security scan report.\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eRe-assessable by design:\u003c\/strong\u003e save the engagement as a JSON baseline, re-run in six months, and the delta is your progress narrative.\u003c\/p\u003e\n\u003cp\u003e\u003cem\u003eAssessment tooling for program planning — not legal advice.\u003c\/em\u003e\u003c\/p\u003e","brand":"PrivOptic","offers":[{"title":"Web app + sync script + guide","offer_id":44211081216103,"sku":"PO-HEALTH-001","price":499.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0677\/7788\/8359\/files\/privoptic-health-suite-product.svg?v=1783696429"},{"product_id":"privoptic-command-single-tenant-privacy-security-incident-command-center-deployed-to-your-azure","title":"PrivOptic Command — Single-Tenant Privacy, Security \u0026 Incident Command Center (Deployed to Your Azure)","description":"\u003cp\u003e▶ \u003cstrong\u003eTry it first:\u003c\/strong\u003e \u003ca href=\"\/pages\/command-demo\"\u003eopen the live demo\u003c\/a\u003e — a sample tenant with a SEV1 incident running, GDPR and UK notification clocks six hours from deadline, a vendor missing its DPA, and the July 2026 regulatory pack applied. No Azure required to look.\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eThe enterprise tier of the PrivOptic catalog — and it ships as a Bicep template you run in \u003cem\u003eyour\u003c\/em\u003e Azure subscription.\u003c\/strong\u003e PrivOptic never processes, stores, or transits your data, because PrivOptic has no infrastructure in this product. Your tenant is the boundary. Your Entra ID is the front door. Your auditors can read every line.\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eWhat's inside:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cstrong\u003eIncident Command Center\u003c\/strong\u003e — open an incident, set the awareness moment, and per-regime notification clocks start themselves: GDPR\/UK 72h, HIPAA ≤60d, state AG windows, India DPDP, EU AI Act serious-incident, contractual notice. Live countdowns that go red inside 12 hours, an append-only event timeline, status workflow, mark-met\/missed per clock.\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003eRegulatory update pipeline\u003c\/strong\u003e — one toggle and your instance pulls signed content packs (clock changes, regulatory bulletins) from the PrivOptic feed or your own internal mirror. Ed25519-verified against a key baked into your deployment; tampered packs rejected; downgrades refused; packs are pure data with no code path to execution. Off by default — egress is zero until you decide otherwise.\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003eAssessments\u003c\/strong\u003e — Privacy Program Health Suite engagements as multi-user records; JSON saves from the desktop edition import directly.\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003eTPRM\u003c\/strong\u003e — vendor lifecycle, tiering, DPA tracking, review history.\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003eRisk register\u003c\/strong\u003e — the company-level 5×5 that incidents, vendors, and assessments feed.\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003eThe chassis\u003c\/strong\u003e — Entra ID sign-in (your SSO, MFA, and conditional access policies apply natively), admin\/member\/viewer roles, and an append-only audit log of every write.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity you can verify, not take on faith:\u003c\/strong\u003e the package includes a deep security scan report (100% parameterized SQL — 50 queries, 111 bound parameters, zero concatenation; no telemetry; no license server; single opt-in egress point) \u003cem\u003eand\u003c\/em\u003e the 48-case end-to-end test suite that proves it — auth bootstrap, RBAC denials, clock deadline math verified to the hour, and the pipeline tested adversarially including tamper and oversize rejection. Run it yourself in seconds.\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eDeployment:\u003c\/strong\u003e ~15 minutes with the included one-command script. Four Azure resources: Static Web App, serverless SQL that auto-pauses when idle, private evidence storage, your Entra app registration. Typical run cost in your subscription: \u003cstrong\u003e$25–60\/month at rest\u003c\/strong\u003e. First person to sign in becomes the admin.\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eIncludes:\u003c\/strong\u003e the complete repository (infrastructure-as-code, API, frontend, schema, test suite), customer deploy guide, architecture documentation, security scan report, and the live-demo file. The subscription variant adds 12 months of signed regulatory packs — written by a working privacy practitioner who tracks these obligations professionally, published monthly.\u003c\/p\u003e\n\u003cp\u003e\u003cem\u003eTooling for privacy operations — clock defaults are planning aids to verify against your specific regimes and facts. Not legal advice.\u003c\/em\u003e\u003c\/p\u003e","brand":"PrivOptic","offers":[{"title":"Command license — single-tenant deployment","offer_id":44211111723111,"sku":"PO-CMD-001","price":3500.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0677\/7788\/8359\/files\/privoptic-command-hero.svg?v=1783697900"}],"url":"https:\/\/privoptic.com\/collections\/enterprise-platforms.oembed","provider":"PrivOptic","version":"1.0","type":"link"}