Meeting the highest standards for data protection and data security is not just a legal requirement – it’s also smart business. As a technology and service provider, we ourselves see it as our responsibility to meet the highest standards for compliance issues. These include, among others, the maximum requirements for information security, availability and retention, the inclusion of privacy by design in all of our customer projects, and data protection-friendly functions and presettings in our real-time marketing automation technology, ELAINE.
DATA PROTECTION & DATA SECURITY
Highest standards for data protection and data security
We would be happy to help you meet legal regulations in your digital dialogue marketing. Leading companies with the strictest compliance standards rely on our technology and expertise, including companies from highly regulated markets such as the financial sector, like ING-DiBa, the Generali Group and even large corporations like the BMW GROUP, which have special compliance requirements due to their complex corporate structures.
Certified under ISO 27001 and ISO 27018
ISO/IEC 27001 is the international standard used to assess and certify the management of information security processes in companies. In addition to information technology, ISO/IEC 27001 also includes the relevant business processes in particular and describes the requirements in place for the organisation and technical systems, as well as the activities that are suitable for permanently guaranteeing the security level determined on the basis of a risk assessment.
ISO/IEC 27018
ISO 27018 is a standard that specifically regulates the processing of personal data in cloud environments. It stipulates strict legal data protection requirements for providers of cloud services and describes monitoring mechanisms and guidelines for the implementation of measures that ensure the protection of personal data in a cloud environment. The standard includes legal data protection requirements from the General Data Protection Regulation and adapts these specifically for information security risks in the cloud computing field.
Whitelisting – CSA-Certified
We meet the standards of the CSA and have therefore been certified as a sender by the CSA, so that our customers benefit from whitelisting and other advantages of CSA certification. As a certified CSA member, we help you ensure that your marketing and service emails get delivered.
Software hosted in Germany
As such our real-time marketing automation technology, ELAINE, has been certified with the ‘Software hosted in Germany’ seal.
SGB-compliant data processing by assignment
Through our solutions we offer SGB-compliant data processing by assignment, which takes into account all of these special legal data protection requirements.
Location and privacy code of conduct
With the location and privacy code of conduct, we commit ourselves to obtaining the consent of the customer to collect their location data, and then collecting and analysing location-related data only within a permissible scope and using adequate measures to protect this data from misuse. We want to protect users’ privacy and ensure transparent user communications.