
A Major Milestone for Osano...and the Industry
When we founded Osano, our goals were ambitious. We wanted to...
Read NowThe simple, all-in-one data privacy platform
Manage consent for data privacy laws in 50+ countries
Streamline the DSAR workflow
Automate and visualize data store discovery and classification
Ensure your customers’ data is in good hands
Discover how Osano supports CPRA compliance
Learn about the CCPA and how Osano can help
Achieve compliance with one of the world’s most comprehensive data privacy laws
"I have read and agree to the terms and conditions” may well be the most common lie in the history of civilization. How many times do you scroll and click accept without a second thought?
You’re not alone. Not only do they go unread, but they also include a self-updating clause requiring you to go back and review those documents for changes. You’re agreeing to any changes, and their consequences, indefinitely.
Employees regularly provision services with self-updating agreements, and enterprise agreements often include external references. Most operational protocols and laws require you to monitor your vendors. But if their agreements are self-updating, how can you effectively follow them for updates? Some vendors do send updates, but often it’s impossible to understand what has changed. Without Osano, it’s like trying to compare two Microsoft Word documents without Track Changes enabled. Osano makes it easy for you to track changes and adequately understand your risk.
You promised your customers that you store data for 12 months. A vendor updated its policies to reflect an 18-month retention. Now you're faced with a choice in order to stay compliant. Either end the vendor relationship or update your statements to reflect reality. If you don't know, you can't.
If you’re unsure whether you're keeping up with your vendors, chances are you're not. On average, vendors change their policies once per month but notify their customers only once per year. Osano alerts you to major and minor changes instantly, so you're always aware of your vendors’ practices.
The likelihood is strong that the vendors you're doing business with today have evolved since you originally signed up for their services. So have their policies. Travel back in time and review the policies that you agreed to and see in an instant exactly how much those agreements have changed.
The self-updating document is widespread in the SaaS world. In recent years, there has been a trend towards vendors emailing a notice to users stating, "We've updated our privacy policy" or something similar. Fewer than 25% of vendors send these notices—fewer than that point out what has been updated.
Even if the notice includes a summary, it's typically a sanitized, friendly summary of changes that's gone through the marketing department. It usually does not include a statement around how the changes can impact your specific business.
Counting on vendors to self-report in an accurate, timely, and transparent manner is irresponsible. Would you trust a restaurant to do its own health inspection? Then why trust a vendor to do its own document inspection?
Many enterprises mistakenly believe they do not need to track policy documents since they signed a separate contract for an enterprise service. Most of these contracts refer to external policies.
Even worse, many also include a self-updating clause for specific sections with the responsibility to monitor being put on you, the customer. Are you monitoring these policy changes? Osano can do it for you.
Discover actionable compliance tips straight from our team of legal and privacy experts through our blogs, webinars, eBooks, guides, and more.
With Osano, building, managing, and scaling your privacy program becomes simple. Schedule a demo or try a free 30-day trial today.