Data protection and privacy
Information security
Information security forms the foundation for safeguarding data, based on the key principles of protecting that data’s confidentiality, integrity, and availability. Our information security management system is based on the international standard ISO/IEC 27001. It is implemented through several processes which are integrated into the Netcompany Methodology. The methodology incorporates data protection security through a complete set of guidelines, tools and templates that define the way we plan, deliver, manage, and document complex integrated IT solutions. It ensures compliance and continuity in the employees’ daily work processes and provides both reassurance and documentation for the protection of data. We have a Security Committee responsible for information security management including implementation and maintenance of our security management system. The Security Committee meets at least four times a year to discuss topics
All entities are certified under ISO 9001. The ISO 9001 certification is for a quality management system and sets out multiple principles on quality management to ensure all customer and other stakeholder needs are met within statutory and regulatory requirements.
All entities are certified under ISO/IEC 27001 and ISO 9001.
Data ethics policy
Our daily operations are based on a highly detailed security policy and organisational procedures, all of which comply with the international security standard ISO/IEC 27001. We process data with the utmost respect for the sensitivity of the data and any privacy rights – to make sure we earn the trust of our customers, employees, shareholders, and any other stakeholders. We run internal audit controls to secure compliance with both information security and data protection requirements, and our employees are regularly trained in the Netcompany Methodology.
Data is securely stored at two different data centres to ensure data availability in the unlikely event of technical failures. We do not buy data from third parties or sell customer data to third parties.
