Reduce the risks of software procurement

Discover how TrustThis fits into your day-to-day:

DPOs, Privacy Professionals and LGPD Consultants

What TrustThis solves for you:

1. Quick privacy and AI screening

Quickly screens privacy and AI usage of your company's software (product and category analysis), so you can focus only on critical cases.

2. Living software inventory

Maps and maintains a living inventory of software used, with risk scores and alerts when privacy or AI policies change.

3. Reports for DPIA and records

Delivers standardized and comparable reports that become direct input for Data Protection Impact Assessments (DPIA) and processing records.

What TrustThis does not replace:

Does not replace Data Protection Impact Assessments (DPIA), Legitimate Interest Assessments (LIA), formal risk assessments or internal audits. Does not replace your legal opinion or clause negotiation — it organizes evidence and priorities, the final decision remains yours.

Corporate Software Procurement Process with TrustThis

Complete workflow for acquisition, management and monitoring of vendors with transparency and AI governance

1. Acquisition Planning / Budget

Identify the need for a new solution/vendor and reserve budget

CIO/CTO, Procurement, Business Area
TrustThis

Open content: benchmarks by category and trends (decision-maker education). RFP inspiration: most relevant AI/privacy criteria.

2. Market Mapping / Initial Screening

Survey possible vendors and shortlist 3-5 software options

Procurement Analyst, Vendor Risk, CISO (support)
TrustThis

OPTI Index (public): quick comparison, transparency flags, AI governance. Premium: advanced filters (AI usage, sector compliance).

3. RFI (Request for Information) / Pre-selection

Request basic information from vendors and ensure they meet minimum requirements

Procurement, Legal/Compliance, Security Analyst
TrustThis

Report export: public evidence already collected (saves vendor time). OPTI comparison: to support RFI questions.

4. RFP (Request for Proposal) / Due Diligence

Receive detailed proposals and assess security, privacy and compliance risk

CISO, DPO/Privacy, Legal, Procurement
TrustThis

Premium: incident history, sector suitability, specific recommendations. Public evidence: attached as support for vendor responses.

5. Contractual Negotiation

Adjust contractual clauses for privacy, AI and security

Legal, Procurement, DPO/Privacy, Procurement
TrustThis

AI governance criteria checklist to attach to the contract

6. Vendor Onboarding

Vendor access to data/systems and monitoring plan

IT/Systems, CISO, Vendor Manager, DPO
TrustThis

Initial report as baseline and flags matrix

7. Continuous Monitoring

Track policy changes and review risks

Vendor Risk, DPO, CISO, Compliance
TrustThis

TrustThis Premium: Change alerts and updated benchmark

8. Incident Response

Investigate impacts and report to regulators

CISO, DPO, Legal, Communications
TrustThis

Public evidence and history for audits

9. Renewal / Replacement

Evaluate vendor performance and decide on renewal or replacement

Procurement, CIO/CTO, DPO, CISO
TrustThis

Updated benchmark by category. Comparison with new players for strategic decision input.

Benefits of the Integrated Process

Transparency

Complete visibility into vendor privacy and AI practices

Efficiency

Reduced time for vendor assessment and due diligence

Compliance

Continuous compliance with LGPD, GDPR, AI Act and other regulations

Ready to Transform Your Risk Analysis?

Join the professionals who have already discovered how to make smarter decisions about data privacy.