Data protection and privacy
We take our responsibilities as both data controller and data processor very seriously and will continue to work to ensure that our digital world is one where the right to privacy is respected and treated as a fundamental condition for any data processing.
Information security forms the foundation for safeguarding data, based on the key principles of protecting that data’s confidentiality, integrity and availability. All our employees have had the understanding of, and respect for information security instilled into them during their education and/or through their work at Netcompany. Netcompany’s information security management system is based on the international standard ISO/IEC 27001 and covers all entities. It is implemented through several processes which are integrated in the Netcompany Methodology. This methodology incorporates data protection security through a complete set of guidelines, tools and templates that define the way we plan, deliver, manage and document complex integrated IT solutions. It ensures compliance and continuity in the employees’ daily work processes and provides both reassurance and documentation for the protection of data.
The responsibility for information security management lies with Netcompany’s management, specifically our Security Committee that is responsible for the implementation and maintenance of our security management system. The Security Committee meets at least four times a year to discuss topics such as the effectiveness of implemented processes, risk management, etc.
In 2020, Netcompany was certified under ISO/IEC 27001, and we upheld our certification for all entities in 2021. We take great pride in being able to show our customers and other stakeholders that we comply with the ISO/ IEC 27001 information security requirements and that they can trust us with the protection of their data.
Data ethics policy
Last year, Netcompany implemented a Data Ethics Policy, which we also chose to report on even before we were required to do so. This policy is based on three key principles: security, integrity and trust. We run internal audit controls to secure compliance with both information security and data protection requirements, and all our employees are continuously trained in the Netcompany Methodology. In addition to these measures, we have all data securely stored at two different data centres to ensure that data availability is always upheld in the unlikely event of technical failures. We do not sell or profit from data in any way, and our use of artificial intelligence and machine learning follows our data ethical principles and policy. With this year’s reporting on our Data Ethics Policy, Netcompany Group A/S and Netcompany A/S comply with the requirements under section 99(d) of the Danish Financial Statements Act.