Technical and organizational measures

The Processor shall implement appropriate technical and organizational measures to ensure a level of protection appropriate to the risk with regard to the necessary confidentiality, integrity, availability and resilience of the systems and services related to the Processing on a permanent basis.


1. Confidentiality (Art. 32 (1) b GDPR)


Entry control

Concrete measures to prevent unauthorized persons from gaining access to data processing systems with which personal data are processed or used:​

  • Locked office building (access only after RFID authentication or with key).

  • Three-stage access control to the office (2x RFID (transponder or key card), 1x security key)

  • Logging of the issue of RFIDs/keys

  • Visitor policy: It is not allowed to receive unsupervised visitors in the office building

 

Admission control

Concrete measures to prevent the use of data processing systems by unauthorized persons:

 

  • Locking of laptops in individual offices after closing time

  • Sealing off the internal network against access from outside by means of a firewall with several firewall zones/subnets (configuration according to the prohibition principle with reservation of permission)

  • Use of encrypted connections also in internal networks (transport or application layer encryption, e.g. HTTPS, SSH)

  • Client systems can only be used after personalized, password-supported network authentication (Windows domain login)

  • Policy for secure, proper handling of passwords

  • Enforced regular change of passwords with history (at least 8 characters from 3 character categories, change at least every 90 days, prohibition of already used passwords)

  • Automatic, password-protected screen and computer lock after 10 minutes of inactivity

  • User account lockout after multiple failed login attempts

  • Binding procedure for resetting "forgotten" passwords

 

Access control

Concrete measures that ensure that those authorized to use a data processing system can only access the data subject to their access authorization and that personal data cannot be read, copied, modified or removed without authorization during processing, use and after storage:

 

  • Confidential information is generally only processed in IT systems with an authorization system

  • Authorization concept for application, file and database accesses

  • Binding authorization assignment procedure. Allocation according to the "need-to-know" principle.

  • Binding procedure for assigning and deleting authorizations.

  • Use of graduated authorizations (read, write, change, delete), if sensible and practicable

  • Logging of selected file accesses and main transactions in server systems

  • Binding procedure for restoring data from backup. Restore by IT service provider on instruction of data subject (in the case of project data or personal data to which data subject has access) or management.

 

Separation control

Concrete measures to ensure that data collected for different purposes can be processed separately:

 

  • Data from different customers is processed completely automatically.

  • Logical data separation through storage concept with project directories/databases.

  • Identification of the project and task affiliation of the data

  • Separation of development/test and productive systems

  • No use of productive data on development or test systems

 

Pseudonymization (Art. 32 (1) a GDPR; Art. 25 (1) GDPR)

Concrete measures to ensure that the processing of personal data can no longer be attributed to a specific data subject without the addition of additional information (provided that additional information is kept separately and is subject to appropriate technical organizational measures):

 

  • Data are fundamentally anonymized. Once the surveys have been completed, there is no longer any link between the e-mail address and the questionnaire.

  • Separation of contact and result data at the earliest possible point in the processing procedure.


2. Integrity (Art. 32 (1) b GDPR)


Transfer control

Concrete measures to ensure that personal data cannot be read, copied, modified or removed by unauthorized persons during electronic transmission or while being transported or stored on data carriers, and that it is possible to check and determine to which entities personal data is intended to be transmitted by data transmission facilities:

 

  • In iQ projects, email addresses are optionally processed. These can only be uploaded directly in the application. No transmission of sensitive data takes place.

  • Hard disk encryption (BitLocker) for all laptops as well as for servers to a limited extent.

  • No mobile data carriers such as secure sticks or similar are used. Non-anonymous data is processed exclusively on the servers.

  • If required, data encryption of individual stored files

  • Encryption of backup media

  • Secure deletion of data media before disposal or other use

  • Data protection-compliant destruction (shredding) of data media and documents that are no longer required by professional disposal companies (data media are destroyed exclusively on site in the presence of an employee)

 

Input control

Concrete measures to ensure that it is possible to check retrospectively whether and by whom personal data have been entered into, modified or removed from data processing systems:

 

  • Organizational definition of input responsibilities

  • Versioning of files

  • Logging of main transactions and entries/changes/deletions

  • Access control and tracking of all data protection-relevant processes in iQ 


3. Availability and resilience (Art. 32 (1) b GDPR) 

 


Availability control

Concrete measures to ensure that personal data is protected against accidental destruction or loss:

 

  • Placement of servers in professional data centers of our partners

  • Limiting access to server premises to necessary personnel only

  • Use of standard hardware and software from leading providers

  • Conclusion of maintenance contracts with software and hardware manufacturers with corresponding response times

  • Use of uninterruptible power supplies. Additional power generator in the data center

  • Maintenance of a disaster manual by our partners

  • Infrastructure is redundant and monitored 24/7

  • Automated standard routines for regular updates of protection software (e.g. virus scanner)

  • System hardening (deactivation of unnecessary components)

  • Regular updates and patches

  • Use of defined maintenance windows for implementation of updates/patches

  • Expert use of protection programs (virus scanners, (NG) firewalls, encryption programs, spam filters) 

 

Rapid recoverability (Art. 32 (1) c GDPR)

  • Use of redundant network infrastructure (switches, firewalls, load balancers)

  • Redundant data connections in the data center as well as redundant power supply and power generators

  • Use of load balancers

  • Use of redundant servers (clusters) to increase performance and availability

  • Use of snapshots for system backup when implementing updates/patches

  • Backup and recovery concept with weekly full backup and daily incremental backup and disaster-proof storage of data media

  • Partial mirroring of data between data centers 

 


 

4. Procedures for regular review, assessment and evaluation (Art. 32 (1) d GDPR; Art. 25 (1) GDPR)


Data protection-friendly default settings (Art. 25 (2) GDPR)

Concrete measures to ensure that, as a matter of principle, only personal data whose processing is necessary for the specific processing purpose in question is processed by means of default settings, and that personal data is not made accessible to an indefinite number of natural persons by means of default settings without the intervention of the individual:

  • Quarterly review of a sample of technical and organizational measures.

  • Management is involved in appropriate communication, escalation and decision-making processes in a sufficiently informed manner and ensures that data protection-related tasks and obligations can be carried out to the required extent and with sufficient quality

  • Monitoring of security indicators that threaten the processing of personal data so that incidents (e.g., system/operational malfunctions, virus/malware incidents) can be responded to quickly

 

Order control

Concrete measures to ensure that personal data processed on behalf of the customer can only be processed in accordance with the customer's instructions:

  • Contractual obligation of employees to use data exclusively for the lawful performance of the activities assigned to them.

  • Instructions to employees with access
