As a result of our work, we have a high level of awareness and expertise in current data regulations in several different countries, including the GDPR for the European market. We consult with lawyers on an ongoing basis and keep abreast of what is happening in the market. This also means that in everything we do, we have been able to ensure that all systems comply with the new elements of the GDPR, including “Privacy by design” and “Privacy by default”.
All data is, of course, handled with due regard to the specific GDPR, current legislation and up-to-date security levels. When data is to be exchanged and / or disseminated, SSL, TLS encryption in APIs are widely used on websites, as well as on actual SFTP and FTPS solutions.
For all matters, we work on the basis of concluded data processing agreements to ensure that the data protection law in force at all times is complied with in connection with the transfer and processing of personal data. The data processing agreement sets out the obligations related to the processing and protection of the personal data that we work for our clients, including a clear and unambiguous instruction.