IAPP Privacy Tech Vendor Report


Editor's Note:

To apply to be listed in the next publication of the IAPP “Tech Vendor Report,” please send an email to IAPP Associate Editor Ryan Chiavetta, CIPP/US, at rchiavetta@iapp.org. To view the application guidelines, click here.

The IAPP’s fourth annual “Privacy Tech Vendor Report” without question is the largest collection of vendors to date. When the first report came out in 2017, the privacy tech vendor space was a relatively obscure assemblage of tech offerings designed for or to help leverage in part with the privacy profession. In 2017, the IAPP identified 44 vendors, and since that time, the growth in new vendors has followed a hockey-stick trajectory. Now, in 2020, the IAPP identified at least 343 privacy tech vendors, all of which are included in the directory section of this report.

Though the consistently growing number of vendors in the space is impressive, many vendors have improved and now offer more services — from data mapping to deidentification solutions to consent management and data discovery products. Due to increased product offerings and demand, this year's report also adds a new "data subject request" category.



Include your company name, whether you are a new or existing vendor (in the report), year founded, number of employees, and whether you are a privately held or publicly traded company.

For the location of your company’s headquarters, please submit both the city and country you are located. For leadership, please separate each person’s name and title by a comma, and each person by a semicolon. Please limit your submissions to three. For example: Person A, CEO; Person B, Chief Financial Officer; Person C, Chief Technology Officer.

When filling out the description of your offerings, please limit it to 100 words and avoid using any marketing lingo. The IAPP reserves the right to edit all copy that does not adhere to this request.

Please include a high-resolution file of your logo and screenshot of the tech solution, then upload each individually with your company name in each file name. For the screenshot of the solution, dashboards and other interfaces are highly recommended. The only formats the IAPP will accept are .jpeg, .png, .tiff, .eps and .pdf.

As mentioned above, the IAPP will now accept submissions for vendors offering data subject request solutions, as well as our existing categories. If your solution fits any definition, please check off the corresponding box in the form.


Assessment managers tend to automate different functions of a privacy program, such as operationalizing privacy impact assessments, locating risk gaps, demonstrating compliance and helping privacy officers scale complex tasks requiring spreadsheets, data entry and reporting.

Consent managers help organizations collect, track, demonstrate and manage users’ consent.

Data mapping solutions can come in manual or automated form and help organizations determine data flows throughout the enterprise.

Data subject request solutions help organizations facilitate inquires made by individuals who wish to exercise their data rights. These can include requests involving the right to access, rectification, portability and erasure.

Incident response solutions help companies respond to a data breach incident by providing information to relevant stakeholders of what was compromised and what notification obligations must be met.

Privacy information managers provide organizations with extensive and often-automated information on the latest privacy laws around the world.

Website scanning is a service that primarily checks a client’s website to determine what cookies, beacons and other trackers are embedded to help ensure compliance with various cookie laws and other regulations.

Activity monitoring helps organizations determine who has access to personal data and when it is being accessed or processed. These solutions often come with controls to help manage activity.

Data discovery tends to be an automated technology that helps organizations determine and classify what kind of personal data they possess to help manage privacy risk and compliance.

Deidentification/pseudonymity solutions help data scientists, researchers and other stakeholders derive value from datasets without compromising the privacy of the data subjects in a given dataset.

Enterprise communications are solutions that help organizations communicate internally in a secure way to avoid embarrassing or dangerous leaks of employee communications.

Finally, vendors must put a working contact person and email address at the bottom of the form.

Click here to access submission form

The IAPP “Privacy Tech Vendor Report” is one of the industry’s most widely read guides to privacy-related technology products. For advertising information, availability and pricing, please contact the sales team at sales@iapp.org.

Thank you very much,

IAPP Publications

Click to view full guidelines

Have you visited the IAPP's Vendor Demo Center?

The IAPP recently launched the Vendor Demo Center. The Demo Center was designed to give you easy access to demos of the latest privacy products and services without leaving home. Get your company featured in the Demo Center by contacting sales@iapp.org.