All intakes
INTK-2026-0041SME reviewLowInternal
Marketing analytics platform
Self-serve dashboards for our growth team.
- Submitted
- SME review2
- Procurement3
- Due diligence4
- Assessment5
- Contracting6
- Approved7
Overview
Business owner
Thomas Beckthomas.beck@company.com
SME reviewer
Alex Chenalex.chen@company.com
Specialist reviews
Privacy·Approved
Security·Pending
Architecture·Pending
Procurement
Unassigned
Vendor
Mixpanel (proposed)
Users
8
Annual cost
€18,000
Submitted
5 days ago
Updated
1 day ago
Expected go-live
—
General
- Nature of the service
- SaaS product analytics
- Proposed vendor (if known)
- Mixpanel
- Estimated contracted value (€)
- 18,000
- Entity signatory
- Acme EU SAS
- Beneficiary department
- Marketing
- Contract type
- New service
- Does the service support a critical or important business function?
- No
- If yes, which critical / important function?
- —
- Is the service defined as a material process in the BIA? Select the RTO.
- —
Outsourcing
- Is it an outsourcing activity?
- No
- Is the supplier critical or important (per DORA / EBA logic)?
- —
- Will the supplier subcontract (4th parties)?
- —
- Is there a concentration risk (sole provider)?
- —
- Is an exit strategy available?
- Yes
Data privacy & AI
- Will the supplier have access to personal data in the delivery of the service?
- Yes
- Estimated volume of personal data processed per annum
- 200,000
- Estimated volume of sensitive personal data processed per annum
- —
- Will data be transferred outside the EU / EEA?
- Yes
- Will the vendor act as:
- Processor
- Is a DPIA required?
- Unknown
- Will the service use AI?
- No
Information security
- Maximum classification of information handled by the supplier
- Internal
- Will the vendor have privileged access to company systems and/or networks?
- No
- Will the vendor have access to the company's restricted zones / premises?
- No access
- Highest confidentiality impact in case of a major data leakage at the vendor
- Low
- Highest integrity impact in case of major corruption at the vendor
- Low
- Highest availability impact in case of major disruption at the vendor
- Low
- Will the vendor host data?
- Yes
- Will the vendor access systems remotely?
- —
- Will the vendor connect via API / integration?
- Yes
- Authentication model: SSO / MFA required?
- Yes
- Any cyber certification (ISO 27001, SOC 2, etc.)?
- Yes