We are data controller for our own personal data as well as data processor and sub-processor for our customers data. Data protection is an integral part of our systems and our service package.
As data controller, we collect, store and process data about employees, customers and business partners. Our legal basis is contractual, legal and legitimate. We keep information about name, company, contact information and potential minutes of meetings and conversations. As a data processor, we store and process data about employees, customers, business partners and candidates on behalf of, and under the instructions from, our customers. Our legal basis is contractual and legal. Our storage and processing of data is regulated by individual data processing agreements with all our customers.
Since 2006, we have been subject to a voulentary external IT security audit. This means that we can document compliance with applicable legislation through an independent IT revision statement. This is done every year in cooperation with Deloitte, and since 2019 we follow the standard agreed on between FSR and the Data Inspectorate. Our statement is delivered with a high degree of security, and we are one of the only suppliers who can document compliance with the provisions of the data protection law on the storage and processing of personal data at such a high level.
If you use one of our systems, then you know that the security is in order, and you can include the statements we send to you annually in your own IT audit. Thereby saving you a lot of cost and hassle. You also know that we take your data at least as seriously as yourself, which is your security.
If you are a customer of one of our customers, or if you are registered as a candidate in one of our customers PeopleTrust system, then you know that your data is stored in accordance with current legislation and that our customers can document this. This is your safety and guarantee that your data is taken seriously.