Readmodel® Data Risk & Security Insight

Know where your data lives.
See who can access it.
Before something goes wrong.

You use dozens of services. Your teams access them from managed laptops and personal phones. Data flows between systems through APIs, backups, and exports. Readmodel® maps it all — and tells you where the risks are.

Create Free Account Sign In
Built-in ROPA tool Data loss prevention insight Device & access assessment 200+ service templates GDPR, NIS2 & EU AI Act

How it works

From zero to full visibility in five steps

Map your data landscape step by step. Readmodel® turns your documentation into actionable risk insights — and compliance-ready exports come free.

1

Add your services

List the tools and platforms your organisation uses — pick from 200+ pre-configured templates or add your own.

2

Map users & devices

Document who accesses what, and from which devices. Assess device security: encryption, MDM, remote wipe.

3

Document data flows

Add data items, transfers between services, and backup configurations. Classify sensitivity and set retention.

4

Review your risks

The risk register scores every service and flags gaps: missing backups, unmanaged devices, vendor lock-in, overdue reviews.

5

Get AI insights & export

Generate an AI-powered analysis report. Export ROPA, risk register, and compliance documentation — all print-ready.

The data model

Four layers, fully connected

Readmodel® maps the full chain: devices, users, services, and data items — connected by access, processing, and transfer relationships.

Devices Laptops, phones
& workstations
Data Users Roles & people
who access services
Data Services Systems & apps
that process data
Data Items Personal data categories
with classification & retention
Service → Service = data transfer
Device → User = device assignment User → Service = access assignment Service → Item = data processing Service → Service = data transfer

Features

Everything you need to understand your data risk

Map, assess, and document — all in one place, per project, with no external tools required.

Visibility & documentation

Interactive Data Flow Graph

Your entire data landscape as a live, draggable graph — devices, users, services, and data items. Filter, zoom, and save your layout.

ROPA Tool & Compliance Exports

Generate ROPA (Record of Processing Activities), risk register, and full project exports — formatted for print, audit, or stakeholder review.

GDPR Art. 30

Printable Report

A structured summary with risk scores, device security, backup compliance, DPIA status, and access review results — ready for management review.

AI-Powered Analysis

An AI model analyses your complete data landscape — services, risks, devices, backups, vendor lock-in — and writes a professional report you can share.

Data governance

Legal Basis Tracking

Document why you process each data item. Pre-seeded GDPR Art. 6 legal bases included. Missing legal bases raise the risk score automatically.

GDPR Art. 6

Retention & Deletion

Record how long each data item is kept. 19 pre-defined retention periods across four categories. Know when data should be deleted.

Data lifecycle

Sensitivity Classification

Tag data items with colour-coded sensitivity levels. Special Category and restricted data scores higher risk automatically.

Authentication Tracking

Document how each service controls access — SSO, MFA, API key, passkey. Services without authentication are flagged as a risk.

Risk & security assessment

Automated Risk Scoring

Every service gets a risk score based on data sensitivity, authentication, transfers, backups, and device security. No manual assessment needed.

5 levels: None → Critical

Risk Register

All services ranked by risk with specific action items: missing backups, unmanaged devices, vendor lock-in, undocumented data, overdue access reviews.

DPIA tracking

Transfer & Backup Tracking

Document data flows, backup transfers (with media type, offsite, immutable, encrypted flags), and verify compliance against your backup strategy.

Data Sovereignty

Track where data is processed by country, assess vendor lock-in and exportability, and document transfer safeguards for Schrems II compliance.

User Compliance Scoring

Each data user gets a 0-100 compliance score across five categories: access documentation, device security, authentication strength, access reviews, and data sensitivity handling.

Breach Notification Register

Log data breaches, track the 72-hour DPA notification deadline, and document remediation — all required by GDPR Art. 33-34.

GDPR Art. 33–34

DSAR Tracking

Log data subject requests, track the 30-day response deadline, and document identity verification and responses — GDPR Art. 15-22.

GDPR Art. 15–22

Access & device security

Access Reviews

Periodic campaigns that certify or revoke every access assignment. Revoked access is removed automatically. A complete audit trail of review decisions.

Least-privilege enforcement

Device Security Assessment

Document device groups, assess encryption, MDM, remote wipe, and VPN requirements. The risk register flags BYOD devices accessing sensitive data without controls.

Vendor Lock-in Assessment

Rate each service's lock-in risk and data exportability. Document exit strategies. Pre-populated assessments for 50+ services from the template library.

Productivity

Template Library

200+ pre-configured services with login types, data items, vendor lock-in ratings, and exit strategies. Load your entire IT landscape in minutes.

Project Copy & Audit Trail

Deep-copy any project for annual reviews or new business units. Every change is logged with user, timestamp, and IP address.

Track Your Progress

Save baselines and see how your risk posture improves over time. Prove the value of your documentation effort with concrete metrics.

Built-in Guidance

Contextual help icons on every page. Comprehensive documentation covering data mapping, risk scoring, backup strategies, device security, and vendor lock-in assessment.

See your risks
before they become incidents

Readmodel® computes a risk score for every service based on data sensitivity, authentication controls, backup coverage, device security, and vendor dependencies. The risk register shows exactly what to fix — and your score improves as you close gaps.

High-risk services are flagged for DPIA review. Document your assessment directly in the risk register.

Try it free
Critical
Score ≥ 10 · DPIA required
High
Score 7–9 · Review urgently
Medium
Score 4–6 · Gaps present
Low
Score 1–3 · Well documented
None
Score 0 · No personal data or fully documented public data

Pricing

Simple, transparent pricing

Start for free. Upgrade when you need more projects or AI reports.

Explore
Free

Try Readmodel® with full functionality. No credit card required.

  • 1 project, 5 services
  • Full data mapping & risk scoring
  • Risk register & ROPA export
  • CSV & JSON data export
  • Interactive data flow graph
  • User compliance scoring
  • Watermark on printed reports
Get started
Save 20%
Grow
€99 / month

For small businesses mapping their data landscape.

  • Everything in Explore, plus:
  • 3 projects, 20 services each
  • 10 AI reports / month
  • No watermark on reports
  • Email support
Get started
Most popular
Team
€249 / month

For teams managing multiple scopes with collaboration.

  • Everything in Grow, plus:
  • 10 projects, unlimited services
  • 5 team members with project sharing
  • 50 AI reports / month
  • Audit log
  • Email support
  • Document storage (DPA, SLA, contracts)
Get started
Enterprise
€499 / month

For organisations needing scale and advanced governance.

  • Everything in Team, plus:
  • 50 projects, 25 team members
  • 200 AI reports / month
  • API access
  • Priority email support
  • Document storage (DPA, SLA, contracts)
Get started

Need more? We offer custom enterprise setups — unlimited accounts, your own admin access, a dedicated isolated server, and tailored configurations. Contact us to discuss your requirements.

Our mission

Why we built Readmodel®

Your digital infrastructure is the backbone of your business. Every service, every data flow, every access point matters. We built Readmodel® to help organisations become more digitally reliable and resilient — not just compliant on paper, but genuinely in control of their data landscape.

Readmodel® maps what you have, scores where the risks are, and tracks your progress as you improve. Because protecting your business and your clients starts with knowing what you have.

Start mapping your data risk today

Create a free account, load 200+ service templates, and see your first risk assessment in under an hour.

Create Free Account

Not in the EU?

Readmodel® is currently available for EU businesses only. Join our waiting list and we will notify you when we expand to your region.

Join waiting list

Stay informed

Subscribe to our newsletter for updates on data risk management, GDPR compliance, and product news from Readmodel®.

Subscribe to newsletter