If your application is hosted by us, our data centre partner implements the following technical and organisational measures.
Purpose limitation and separability
The following measures ensure that data collected for different purposes is processed separately:
Physically separate storage on separate systems or data carriers
Logical client separation on the software side
Authorisation concept
Encryption of data records that are processed for the same purpose
Tagging of data records with purpose attributes / data fields and signatures
Pseudonymised data: the allocation file (pseudonym-to-identity mapping) is kept separately on a separate, secured IT system
Internal multi-client capability of the system
Functional separation of production and test system
Confidentiality and integrity
The following measures ensure the confidentiality and integrity of the processor's systems:
Encryption
The client's data is encrypted in accordance with the processing order.
Pseudonymisation
Pseudonymisation means that personal data is processed in such a way that the data subject can no longer be identified without additional information (e.g. use of fictitious names that cannot be assigned to a specific person without that additional information).
Pseudonymisation is carried out in the following manner:
Personal data is kept strictly separate from customer master data and sales data. Where possible, personal data is encrypted during electronic transmission.
Physical access control
The following measures are taken to prevent unauthorised persons from gaining physical access to the data processing systems with which personal data is processed or used:
Alarm system
Camera monitoring and recording with infrared system
Automatic access control system with biometric access data via fingerprint reader
Logging of all entries and exits
Subdivision of the premises into 3 access-protected zones
Entry exclusively through airlock (mantrap) vestibules
Staff on site 24×7
Separate and secure rooms for batteries, UPS and power supply
Automatic access control system with chip card
System access control
The following measures are taken to prevent unauthorised third parties from using the data processing systems:
Assignment of user rights and creation of a user master record for each user
Creation of user profiles
Differentiated authorisations (profiles, roles, transactions and objects)
Password assignments
Password guidelines (regular change, minimum length, complexity, etc.)
Automatic locking (e.g. password-protected screen lock after a period of inactivity)
Authentication with user name and password
Assignment of user profiles to IT systems
Use of VPN technology for data transmission
Locking external interfaces (USB etc.)
Security locks
Key management (issue of keys, etc.)
Personnel check at the gatekeeper / reception
Logging of visitors
Careful selection of cleaning staff
Careful selection of security personnel
Authorisation badges must be carried
Use of intrusion detection systems
Use of anti-virus software
Encryption of data carriers in laptops / notebooks
Use of a hardware firewall
Use of a software firewall
Data access control
The following measures have been taken to ensure that those authorised to use a data processing system can only access the data covered by their access authorisation, and that personal data cannot be read, copied, modified or removed without authorisation during processing, during use and after storage:
Authorisation concept
Management of rights by system administrator
Regular review and updating of access rights (especially when employees leave the company or similar)
Number of administrators is reduced to the "bare minimum"
Password policy incl. password length, password change
Logging of access to applications, in particular when entering, changing and deleting data
Secure storage of data carriers
Secure erasure of data carriers before reuse
Proper destruction of data storage media (in accordance with DIN 66399)
Use of document shredders or service providers (if possible with a data protection seal of approval)
Logging of the destruction
Encryption of data carriers
Input control
The following measures make it possible to check and establish retrospectively whether and by whom personal data has been entered into, changed in or removed from data processing systems:
Logging the entry, modification and deletion of data
Overview showing which applications can be used to enter, change and delete which data
Traceability of data entry, modification and deletion through individual user names (not user groups)
Retention of forms from which data has been transferred to automated processing
Assignment of rights to enter, change and delete data on the basis of an authorisation concept
Order control
The following measures ensure that personal data processed on behalf of the client can only be processed in accordance with the client's instructions:
Prior review and documentation of the security measures taken by the processor
Written instructions to the processor (e.g. through a data processing agreement)
Obligation of the processor's employees to maintain data secrecy
Processor has appointed a data protection officer
Ensuring the destruction of data after completion of the order
Effective control rights agreed with the processor
Ongoing review of the processor and its activities
Transport and transfer control
The following measures ensure that personal data cannot be obtained or accessed by unauthorised persons when it is passed on (physically and/or digitally):
Use of VPN tunnels
Logging system
Interface analysis
Encryption of the communication channels
Encryption of physical data carriers during transport
Transmission with electronic signature
Physical securing of data carriers during transport (transport lock)
Availability, recovery and resilience of the systems
The following measures ensure that the data processing systems used function properly at all times and that personal data is protected against accidental destruction or loss:
Redundant uninterruptible power supply (UPS), Green-Power UPS systems from Socomec
Two separate power feeds through 2 sub-distribution boards in each rack
Power supply of 10 kW per rack, with more available on request
Emergency power supply from 1000 kVA diesel generators
Located directly adjacent to the transformer substation
3-level surge protection: coarse protection in the main distribution board, medium / fine protection in the sub-distribution boards, optional additional protection via the customer's own power strips
VESDA system for early detection of smoke development
CO2 fire extinguishers immediately to hand in all areas
VdS-certified alarm systems
Direct alerting of technical staff on site and external employees
Air conditioning of the server rooms with a mixture of direct and indirect free cooling
Cold water supply with energy-saving units from Emerson Networks
Air exchange with the latest generation of devices from Weiss Klimatechnik
Devices for monitoring temperature and humidity in server rooms
Protective socket strips in server rooms
Alarm message for unauthorised access to server rooms
Creation of a backup & recovery concept
Testing data recovery
Creating an emergency plan
Storage of data backups in a secure, off-site location
Robust data backup and recovery concept in place
Data backup measures (physical / logical)
Backup procedure
Mirroring of hard disks using RAID
Use of a monitoring programme
Permanent monitoring of proper functionality
Use of CWDM technology for high bandwidth scaling
Routing through modern Juniper routers
Coreswitching with modern Cisco switches
Uplinks optionally at 100 Mbit/s, 1 Gbit/s or 10 Gbit/s
Redundant network supply through numerous carriers such as Tiscali International or Deutsche Telekom
Peering connections at various exchange points such as DECiX, AMSiX, KleyReX, ViX and NIX
Special data protection measures
The following have been documented in writing:
Internal rules of behaviour
Risk analysis
Data protection impact assessment
Data security concept
Restart concept
Review, evaluation and adaptation of existing measures
The Processor shall review, evaluate and, if necessary, adapt the technical and organisational measures set out in this Annex at least once a year and additionally whenever required.