Introducing v8.0: Part 2. Redesigned Flow Step Properties

In Part 1, we described improvements to the Flow Designer to make it easier to understand routing for a workflow.

Flow Steps have lots of settings

V7 properties (partial)

Another area that we’ve improved significantly in V8 based on customer feedback is the property settings for a flow step. The V7 and earlier properties panel (figure at left) had simply become too large and complex as we’ve added more and more features to frevvo workflows and customers were finding it a bit confusing and hard to use.

We’ve reorganized the properties and moved them into a new modal dialog accessed by clicking the desired flow step and then clicking the properties edit icon (the cog icon). Properties have been reorganized and the names changed to be more intuitive in some cases, but the requirements are generally unchanged for all properties.

Flow Step Properties Wizard


The properties are organized on tabs (screenshot above) and nothing is saved to the editing flow instance until the dialog is submitted. Many properties also have explanatory text so it’s easier to understand what each property means.

If you Submit your changes with any invalid property setting, the dialog will not close and an error message will display. The wizard will automatically take you to the first Tab with an error. Tabs with errors and invalid properties will also display in red so there’s an immediate visual indication.

The wizard also guides the designer to prevent errors. A great example is Step Assignment (screenshot below). It was always possible to assign steps to a user, a role or an email address (no login required). If it’s assigned to a specific user, it does not make sense to also enter a role since it will always go that user. The wizard will grey out the irrelevant fields to prevent errors. The user and role fields also auto-complete with a list of valid users and roles.


The Flow Step Properties Wizard has many more features and we’ll describe some of them in detail in subsequent articles. Suffice it to say that frevvo designers will find it much much easier to configure steps in their workflows using V8 compared to prior versions.

We’re excited about this release and think you’ll like the changes. Stay tuned for future articles and upcoming webinars on V8.0 – it will be released to frevvo Cloud this Fall. Exact date TBD and we’ll announce it here when firmed up.


Introducing V8.0: Part 1. Flow Design Canvas

We’ve been hard at work on some big updates to the workflow designer and we’re excited to share some of what’s coming soon. The main goal of v8.0 is Phase 1 of simplifying flow design and improvements are based on extensive feedback from customers and our own Client Services team. We’ve also added a few oft-requested features that we’ll describe below and in future articles.

The improvements fall into multiple areas:

  • A redesigned Flow Design Canvas that makes the flow routing clearer.
  • Much easier configuration of flow step properties via a new Flow Step Properties Wizard.
  • At-a-glance view of properties for any flow step via a new Flow Step Navigator.
  • Vastly simplified routing – you can route to users, roles or an email address in a single unified Assignments UI that checks for and prevents errors.
  • Get a read-only view of any task that you completed while the workflow is waiting for downstream approval.
  • On-demand refresh of searchable fields for a particular form or workflow without requiring admin privileges.

We’ll preview these changes in this and future articles.

Flow Designer Canvas

flow-designer.pngThe canvas is redesigned to be more intuitive and familiar and to display the flow routing more clearly.

It now represents the flow in a flow chart like format with process flow clearly marked with arrows. The arrows are drawn automatically as the step is dropped on the canvas as shown in the figure.

As a designer adds a precondition to a step, the system automatically draws a precondition as a decision box (yellow diamond). The precondition is part of the step that immediately follows it. For example, it is not separately selectable. The designer can specify a user-friendly description of the precondition which is displayed in the decision box.

As before, when a step is selected, the relevant action icons become visible e.g. create a linked step, edit the form associated with a form step etc.

Linked steps display a double box indicating clearly that the step is a copy of a prior step in the flow.

When dragging and dropping either new steps from the palette or existing canvas steps as part of a move operation, the UI will provide clear feedback regarding the drop target. When hovering over a step, the cursor will be modified as usual with the up or down green arrow indicating if the drop will be either above or below. In addition to this, the step that is the drop target will show a flashing green “bulls eye” to indicate the exact place where the step is to be placed. This is intended to head off any confusion about exactly where the designer is dropping and to make it clear that they cannot drop between a step and its precondition diamond.

Stay tuned for future articles and upcoming webinars on V8.0 – it will be released to frevvo Cloud this Fall. Exact date TBD and we’ll announce it here when firmed up.


How to automate processes to achieve Digital Transformation



Digital transformation is a huge opportunity – perhaps the greatest of the next three years. Automating your day-to-day business processes should be the first step in your journey. If you haven’t yet invested in a workflow automation platform, consider making it a top priority.

Check out the full article by our CEO with 5 tips on how you can achieve digital transformation over at

Photo by rawpixel on Unsplash

[2m video] frevvo in Higher Education

Higher Education administrative costs have grown dramatically and faculty spend too much of their time (more than 30% in many cases) on non-academic activities.

Using frevvo, our University customers have automated day-to-day administrative workflows from expense reports to travel authorizations to purchase requisitions. They’re able to track and manage them better and dramatically reduce wasteful manual work and costs. They love the visual, low-code designers, dynamic behavior, and built-in mobile but also love the speed and ROI of digital transformation.

Watch this 2m explainer video to see how they’re using frevvo’s drag-and-drop software to easily digitize forms and workflows and free up faculty time to focus on students.

Want to get started with digital transformation in your own University? Visit our website to learn more and sign up for a free trial and contact us today.

[2m Video] frevvo in K-12 schools

Many K-12 schools (public and private) use frevvo to automate routine day-to-day workflows from travel authorization to permission slips to absence records. They love capabilities like the visual, low-code designers, dynamic behavior, and built-in mobile but also love the speed and ROI of digital transformation.

Watch this short 2m explainer video to see how they’re getting rid of paper- and email-based processes, converting them to digital and freeing up teachers and staff to focus on students instead of chasing signatures.

Want to get started with digital transformation in your own school? Visit our website to learn more and sign up for a free trial and contact us today.

May 25, 2018: The Birth of GDPR


Flooded with emails from companies describing how they’ve updated their Privacy Policy? You’re not alone. The GDPR goes into effect today and if a business isn’t compliant, then hefty fines and penalties await.

After about 4 years of contentious debate, on 8 April 2016, the EU data protection framework was finally adopted. As of today, it’s the law, – the General Data Protection Regulation (GDPR). It’s a law that’s sure to significantly overhaul Europe’s cornerstone data protection legislation at a time when technology-led information systems and digital businesses are creeping into every aspect of human life. The new EU GDPR replaces the existing Data Protection Directive 95/46/EC as of 25 May, 2018. The European Union aims to harmonize data privacy laws across Europe to empower its citizens and protect their data privacy. In addition to that, it also wants all organizations dealing with the personal data of EU citizens to change their perspective and approach towards data privacy.

Adopting the GDPR marks a major milestone in EU’s data protection laws.

Why the GDPR?

keys.pngThe rising concern of people and Governments regarding data privacy motivated the existence of GDPR. Europe, in general, has always been an aggressive protector of its citizens data. The Data Protection Directive that went into effect in 1995 controlled the way companies were using personal data of their users. Over the last two decades, Internet adoption has increased dramatically transforming the World Wide Web into a major business hub. It quickly became clear that the old directive was not enough to address the many challenges existing in the way businesses collect, store, and transfer data today.

Screen Shot 2018-05-25 at 2.07.52 PM.png
Source: RSA Data Privacy and Security Report

The reality is that public concern over data privacy has grown significantly. As per the RSA Data Privacy and Security Report, 80% of consumers felt that lost banking and financial data was their top concern. However, loss of security and identity information like passwords or passports was a close second and was an area of concern for 76% of surveyed participants.

Screen Shot 2018-05-25 at 2.08.08 PM.png
Source: RSA Data Privacy and Security Report

62% of all respondents said that they would blame the company and not the hacker if their personal data was breached – an alarming update for companies dealing with consumer data. The report concludes:

As modern consumers are better informed they expect more transparency and responsiveness from the stewards of their data.

One point in RSA’s report that directly relates to the existence of GDPR is particularly interesting. It demonstrates how consumers figured out their own countermeasures to deal with a company handling user data inappropriately. According to the report, about 41% of people intentionally falsify information while signing up for an online service. Lack of trust, security threats, a desire to avoid unwanted marketing emails and avoiding the possibility of having their data resold are the major concerns behind these countermeasures.

Screen Shot 2018-05-25 at 2.12.31 PM.png
Source: RSA Data Privacy and Security Report

Modern consumer mentality has evolved to where at they’ are in no mood to forgive a company for failing to prevent a data breach that exposes their personal data. In the U.S., about 72% respondents firmly stated that they will no longer visit or deal with a company that fails to protect their data. Conversely, about 50% of respondents say they are more likely to shop at a company that is serious about how it protects user privacy and safeguards their data.

With increased digital transformation, businesses make increasing use of digital assets, services, and big data. Additionally, consumers are sharing their personal information with a multitude of online platforms using different touch points. Therefore, it has become a key business imperative for a company to stay accountable, responsible, and transparent when it comes to protecting consumer data on a daily basis.

Who is Affected?

The GDPR is in effect from today (May 25, 2018)gdpr.png. The sweeping new set of changes will affect every company from technology to advertising and from medicine to banking. The biggest impact will be on companies holding and processing large amounts of consumer data: technology firms, marketers and the data brokers connecting with them. Additionally, companies whose business models are based on acquiring and exploiting consumer data at large scale are also expected to bear the largest burden.

If your company stores or processes information on EU citizens, then you are required to comply with the new GDPR, even if you do not have any business presence in EU.

The GDPR is applicable to your business or company if your business has

  • A presence in an EU country,
  • No presence in the EU but your business possesses data of EU citizens,
  • More than 250 employees,
  • Fewer than 250 employees but your data processing impacts the rights and freedom of data subjects, not occasional, or includes a certain type of sensitive personal data.

According to a PwC survey, over 90% of U.S. companies with more than 500 employees have taken GDPR compliance seriously.

Recently Propeller Insights conducted a survey sponsored by Netsparker to find out the companies that are expected to be most affected by the GDPR. 53% feel that the technology sector will be severely affected. Online retailers clocked in at 45%, software companies at 44%, SaaS software companies at 37% and companies dealing in retail/consumer packaged goods came in at 33%. The bottom line is: the EU is big and most companies deal with EU citizens either as employees, customers or partners and will be affected by the GDPR.

Effect of GDPR on Third-Party and Customer Contracts

In the new GDPR guidelines, equal liability is placed on data controllers and data processors. If you do business with a third party data processor, which is not in compliance with the GDPR, it means that your business has failed to comply with the GDPR. Besides, the new regulation has mandated strict rules for reporting data breaches that everyone in the data processing chain must abide by.

As a result of the GDPR, the contracts your business has with third parties like Cloud (IaaS) providers, SaaS vendors, or other support service providers and customers; must spell out the shared data protection responsibilities. Moreover, these revised contracts will have to define logical processes that will be used to manage and protect data along with the mechanisms that will be used to report data breaches.

Client contracts also need revision to, ensure these contracts adhere to the new GDPR changes. Business managers, I.T., and security team must understand and agree upon a compliant reporting process.

Ten Steps to Take TODAY

  • Top Management needs to trigger a sense of urgency: The top management in the company responsible for risk management must prioritize compliance with global data hygiene standards and infuse the entire organization with a sense of urgency.
  • Motivate Stakeholders to get involved: Your I.T. department alone is not responsible for preparing the entire organization to be GDPR compliant. Involve marketing, finance, sales, operations and other departments that collect, analyze or use consumer data. Their inputs and suggestions to handle and protect data will help the technical team to implement procedural changes effectively and speedily.
  • Hire a Data Processing Officer: Under new GDPR, it is not clear whether a DPO is a discrete position or not. You can either appoint someone within the company who has worked in a similar kind of role, who could ensure data protection with no conflict of interest or hire a new individual. You also have the option to work with a virtual DPO who could work as a consultant for your company.
  • Perform Risk Assessment: Assessing risks involved in collecting, processing and or managing EU citizen’s’ data is a major step towards GDPR compliance. Once a risk assessment has been performed, your business will understand the options available for mitigating these risks.
  • Mobile Security is a Must: In the modern I.T. environment, more than 68% employees access employee, customer, and partner data on mobile devices, which is a major threat to data protection leading to non-compliance with the GDPR. Employees download third-party applications on their work devices jeopardizing the security of consumer data. Implementing a mobile security framework to protect against unauthorized access to data on the mobile device is a critical component of GDPR compliance.
  • Create a concrete Data Protection Plan: In a perfect world, you already have a solid data protection plan in place. If not, you need to create one right away. If you already have a plan, kudos to you but you should review and update the plan for GDPR compliance.
  • Bring Together a System to Report Progress in GDPR Compliance: Article 30 of the GDPR regulation mandates companies to maintain a record of processing activities under its responsibility. To ensure your company is keeping accurate records you need to establish a team that can monitor places where personal data is being processed, who is processing it, and how it is being processed.
  • Implement Systems to Alleviate Risks: After identifying risks, you need to determine measures that will mitigate them, even if it means revising existing risk mitigating systems. Spotting and investigating the risks associated with data processing and regulating the needed level of security required to protect data becomes easier for the GDPR once you have taken an inventory of risky applications and understood how data is being processed in your organization (Step 7 above).
  • Setup and Test an Incident Response Plan: Under the GDPR, companies need to provide a detailed report regarding any breach of personal data to their local data authority ‘without undue delay’ (within 72 hours of becoming aware of the breach). Don’t wait for an actual data breach to occur – setup a response team and perform drills to make sure it works as planned.
  • Comply with GDPR by eyeing Business Benefit: Undoubtedly, complying with the GDPR will provide a competitive edge to your business. Compliance will not only enhance ROI but will also help in boosting consumer confidence. Moreover, the technical and process changes you will bring about to comply with the GDPR will enhance your organizations’ efficiency to manage and secure data.


The GDPR is here. Compliance is a daunting task; it’s difficult to understand where to start; especially when every facet of the business from staff training to data security audits are involved. This blog will definitely help you to understand GDPR better and implement measures that will make your organization GDPR compliant.


After hours of brainstorming sessions, poring over documents, legal reviews and many gallons of coffee, we are proud to announce that, effective May 25, 2018, frevvo complies with the GDPR.

You can learn more and obtain a Data Protection Addendum (DPA) by visiting our GDPR site.

[Webinar] Generate custom PDFs from your automated workflows


It’s a common requirement among our customers – they love the advantages of online workflows such as dynamic behavior and built-in mobile but need to generate their own PDF document. For example, a Federal W-4 or I-9 during Employee On-Boarding. With frevvo, you don’t have to choose.


Join us on this webinar on June 7 at 1.00 PM EDT. In just 45 minutes (including Q&A), we will:

  • show you examples that customers are using today, and
  • demonstrate how you can drag & drop to easily create your own custom PDFs.

You can generate multiple PDFs, conditionally generate some PDFs and not others (e.g. a state W-4 depending on which state the employee resides in), save these PDFs in back end systems, send them by email etc.

Learn more: Try an example and read detailed documentation on our website.