Lowest risk
Drupal
Summary
A free and open-source content management framework written in PHP and distributed under the GNU license.

Parent organisation: The Drupal Association
Type of organisation: FLOSS software
Market share: One of the leading products (#3-7)

Pricing: Free
Skills needed to set-up: Needs tool/domain expert to configure
Skills needed to use: Plug & play (any non-technical user can do it)
Pros
Open Source alternatives available
Releases new features regularly
Shares product roadmap
Transparent pricing model
Clear data policies
Allows data export
Allows data deletion
Has accessibility statement
Cons
Newsworthy security breaches - 400 Websites Secretly Served Cryptocurrency Miners to Visitors
Does not share diversity data

Full Product Data Collection

Data collected January-February 2020

Product nameDrupal
Product URLhttps://www.drupal.org/
Parent organisationThe Drupal Association
Workflow categoryProduction & formats
Date product founded2000
Product descriptionA free and open-source content management framework written in PHP and distributed under the GNU license.
What type of company or organisation is the product owned by?FLOSS software
Is the company profit-making?Not-for-profit model
How is this product funded?Backed by a non-profit org or charity
What market share does the tool have?One of the leading products (#3-7)
Is there an Open Source alternative in this product space?Yes. WordPress, Joomla, Grav, Jekyll
When did the company last release new features?Dec-2019. Security update adressing multiple “moderately critical” vulnerabilities
Have they shared details of the product roadmap?Yes. Drupal 9.0 due in 2020: Compatibility release worth upgrading to to receive security updates after 2021.
Is there talk of the product raising further investment?Yes. Non-profit taking membership, partnership and sponsorship donations.
Is there talk of the product being acquired?No
Have there been any newsworthy business issues or challenges in the last 12 months?No
Is there a pricing model listed on the website?Product is clearly listed as free
How clear & transparent is this pricing model?Product is clearly listed as free
What is the range of prices offered?N/A
What factors drive higher pricing?N/A
What skills are needed to get this tool set up & usable?Needs tool/domain expert to configure
What skills are needed to USE this tool day-to-day?Plug & play (any non-technical user can do it)
Does this tool use proprietary file formats for saving documents & outputs?Has propriety file formats but offers open options
Is the product reliant on 3rd-party APIs or interoperability to function?No
Have there been any newsworthy technical issues in the last 3 years?No
How clear is the Terms of Service for users (i.e. publishing customers)?Technical, legalistic TOS
Does the product have a data collection & usage policy on its website? (Can be a GDPR statement)?Yes, comprehensive.
Is their data policy “GDPR everywhere”?Yes, GDPR compliant globally
Does the product require your audience to sign-in to use it?N/A not an audience-facing tool
IF SIGN IN REQUIRED: Does audience sign-in use 3rd party platforms?N/A not an audience-facing tool
Does the public product website mention how to export or transfer your data to another service?Yes: Export/transfer publisher content, Yes: Export publisher metadata
Does the public product website mention how to delete your data?Yes: for publisher data only
Have there been any newsworthy security breaches with this product in the last 3 years?Yes. 400 Websites Secretly Served Cryptocurrency Miners to Visitors
Does the company have an accessibility statement on its website?Yes
Does the company release information on the diversity of the workforce?No