Kehitys · Super-admin console
Mock mode

K14 · Platform DPIA

Kehitys platform assessment.

1 open risk

The platform's own Data Protection Impact Assessment, separate from each tenant's per-event DPIA. Risk register, mitigations, review cadence, and the change-triggered re-review queue.

Risks · total: 06 · On the platform risk register.

Mitigated: 04 · Controls in place, validated.

Monitoring: 01 · Mitigation depends on vendor and drill cadence.

Open: 01 · Awaiting mitigation work.


Assessment meta

Scope, cadence, owners.

Scope: Kehitys multi-tenant event platform — RSVP, check-in, notifications, entitlements, admin operations, audit, and the Tokens & Bar module.

Last reviewed: 21 May 2026 · review@kehitys.se

Next review due: 21 May 2027

Review cadence: Annual, plus on any material change (new sub-processor, new module, new data category).


Risk register

Scenarios, likelihood, impact, mitigation.

Columns: # · Scenario · Likelihood · Impact · Mitigation · Owner · Status

01 · risk-cross-tenant · Likelihood: Low · Impact: High · Status: Mitigated
Scenario: An application bug leaks data across tenants.
Mitigation: Postgres row-level security (RLS) is the sole isolation primitive; there is no application-layer fallback. Nightly RLS smoke test plus a gate on every deploy.
Owner: founder@kehitys.se

02 · risk-art9-allergies · Likelihood: Low · Impact: High · Status: Mitigated
Scenario: Allergy or accessibility data (Art. 9 special category) is improperly retained or shared.
Mitigation: Standalone explicit consent at the point of collection. Purge 30 days after the event. Data export restricted to the caterer and watermarked.
Owner: review@kehitys.se

03 · risk-token-replay · Likelihood: Medium · Impact: Medium · Status: Mitigated
Scenario: An invitation or check-in token is replayed (intercepted or shared).
Mitigation: Tokens are single-use, tenant-scoped, signed with a versioned key, and carry a short TTL. The bar QR code rotates every 60 s.
Owner: founder@kehitys.se

04 · risk-vendor-breach · Likelihood: Low · Impact: High · Status: Monitoring
Scenario: Resend or Sentry account compromise.
Mitigation: Vendor MFA, IP allow-listing, and a quarterly breach drill (last completed 18 Jan 2026).
Owner: ops@kehitys.se

05 · risk-erasure-lag · Likelihood: Low · Impact: Medium · Status: Mitigated
Scenario: A GDPR Art. 17 erasure request is not completed within 30 days.
Mitigation: The erasure workflow runs nightly, with an SLA alert at day 25. The audit log retains only an anonymised pointer after erasure.
Owner: review@kehitys.se

06 · risk-sentry-new · Likelihood: Medium · Impact: Medium · Status: Open
Scenario: A new sub-processor (Sentry) introduces a previously unassessed data flow.
Mitigation: 30-day controller notice scheduled. DPA negotiation under way. DPIA addendum drafted, awaiting Sentry's sub-processor disclosure.
Owner: review@kehitys.se
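The mitigation for risk 03 lists four token properties (single-use, tenant-scoped, signed with a versioned key, short TTL) without showing how they combine on the verifying side. The block below is an added illustration and is not Kehitys code: it mints and verifies HMAC-SHA256 tokens against a hypothetical in-memory key ring and nonce set (both assumptions standing in for the platform's real key store and replay store), and shows which check rejects a replayed, cross-tenant, expired, tampered, or retired-key token. The same `ttl` parameter set to 60 models the rotating bar QR code.

```python
"""Single-use, tenant-scoped, short-TTL tokens signed under a versioned key.

Added illustration of the mitigation for risk 03 (token replay). Not Kehitys
code: KEY_RING, the claim names and the in-memory nonce set are assumptions
standing in for the real key store and replay store.
"""
import base64
import hashlib
import hmac
import json
import secrets
import time

# Constructed key ring: key version -> secret. Removing a version retires it, so
# tokens minted under it stop verifying no matter how fresh they look.
KEY_RING = {
    "v1": b"demo-key-v1-do-not-use-in-production",
    "v2": b"demo-key-v2-do-not-use-in-production",
}
CURRENT_KEY_VERSION = "v2"
DEFAULT_TTL = 300  # seconds; the page only says "short TTL", this value is assumed


def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _encode(payload: dict) -> bytes:
    # Canonical serialisation so the signed bytes are reproducible.
    return json.dumps(payload, separators=(",", ":"), sort_keys=True).encode()


def mint_token(tenant_id, purpose, *, now=None, ttl=DEFAULT_TTL, kid=CURRENT_KEY_VERSION):
    """Mint one token bound to a tenant and a purpose, with a fresh nonce (jti)."""
    now = int(time.time() if now is None else now)
    body = _encode({"kid": kid, "tid": tenant_id, "use": purpose,
                    "jti": secrets.token_urlsafe(16), "iat": now, "exp": now + ttl})
    mac = hmac.new(KEY_RING[kid], body, hashlib.sha256).digest()
    return f"{_b64(body)}.{_b64(mac)}"


def retire_key(kid):
    """Drop a key version; outstanding tokens under it become unverifiable."""
    KEY_RING.pop(kid, None)


def forge_tenant(token, new_tenant):
    """Rewrite the tenant claim without re-signing (only to show tamper detection)."""
    body_b64, mac_b64 = token.split(".")
    payload = json.loads(_unb64(body_b64))
    payload["tid"] = new_tenant
    return f"{_b64(_encode(payload))}.{mac_b64}"


class TokenVerifier:
    """Checks key version, signature, TTL, tenant and purpose, then burns the nonce."""

    def __init__(self):
        # Stands in for a shared store with an atomic insert (e.g. a unique index);
        # a per-process set would let two instances each accept the same token.
        self._used = set()

    def verify(self, token, expected_tenant, expected_purpose, *, now=None):
        now = time.time() if now is None else now
        try:
            body_b64, mac_b64 = token.split(".")
            body, mac = _unb64(body_b64), _unb64(mac_b64)
            claims = json.loads(body)
            kid, tid, use, jti, exp = (claims[k] for k in ("kid", "tid", "use", "jti", "exp"))
            if not all(isinstance(c, str) for c in (kid, tid, use, jti)) or not isinstance(exp, int):
                raise ValueError("bad claim types")
        except (ValueError, KeyError, TypeError):
            return "malformed"
        key = KEY_RING.get(kid)
        if key is None:
            return "unknown_key"
        # Constant-time compare; no claim is trusted before this line.
        if not hmac.compare_digest(hmac.new(key, body, hashlib.sha256).digest(), mac):
            return "bad_signature"
        if now >= exp:
            return "expired"
        if tid != expected_tenant:
            return "wrong_tenant"
        if use != expected_purpose:
            return "wrong_purpose"
        # Single use: a nonce already seen is a replay, whether intercepted or shared.
        if jti in self._used:
            return "replayed"
        self._used.add(jti)
        return "ok"
```

The order of checks matters: the nonce is burned only after every other check passes, so an attacker cannot consume a victim's token by presenting it against the wrong tenant or after expiry, and the expiry window bounds how long the replay store has to remember each nonce. Pass `ttl=60` to `mint_token` to model the bar QR code's rotation.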

Pending review triggers

Material changes that demand a re-review.

Each of these triggers must be resolved (review note added, risk re-rated) before the next scheduled annual review.

Trigger: Sentry sub-processor onboarding (INC-2026-015) — requires DPIA addendum review before notice dispatch.
Status: Awaiting review note · adding a note requires step-up authentication.

Trigger: Entitlement engine v1.1 scanner_instances expansion (W25) — requires risk-register addendum.
Status: Awaiting review note · adding a note requires step-up authentication.