Technical and organisational measures pursuant to Article 32 of the GDPR
1. General considerations
The customer as data controller and Personio as data processor must take suitable technical and organisational measures pursuant to Art. 32 GDPR, in consideration of the state of technology, the implementation costs and the type, scope, circumstances and purposes of processing, and of the likelihood of occurrence and severity of the risk for the rights and freedoms of individuals.
In so doing, the customer is itself responsible for identifying and implementing its own suitable measures according to Art. 24 GDPR. To this end, Personio recommends orienting such measures on the relevant guidelines and standards and adhering to the best-practice security controls set out in ISO/IEC 27002.
Personio is ISO/IEC 27001 certified, attesting to our commitment to international standards in information security management.
Below we present the measures that Personio itself has taken to ensure security of data.
2. Technical and organisational measures
Personio has implemented the following technical and organisational measures to ensure encryption and pseudonymization, confidentiality, integrity, availability and capacity, recoverability, as well as appropriate procedures for verification.
Measures to ensure data protection by design and by default
Appropriate technical and organisational measures must be taken that meet the requirements of the GDPR, as well as ensuring through appropriate default settings that only personal data that is required to be processed for the respective specific purpose of processing is processed.
Personio takes the requirements of Art. 25 GDPR into account already in the conception and development phase of product development. This is ensured by proactive involvement of the legal department, the Privacy Team and the Information Security Team. Processes and features are thereby designed so that data protection principles such as lawfulness, transparency, purpose limitation and data minimisation, as well as the security of the processing, are considered early.
Measures to ensure confidentiality
Confidentiality pertains to safeguarding of information from unauthorised disclosure, ensuring that it remains accessible solely to those authorised to access it.
2.1. Organisational control
Guarantee that the in-house organisation meets the special requirements of data privacy.
a. Company directives (pursuant to clauses 5 and 6 of ISO/IEC 27002:2017)
The goals for data privacy and information security are set out in data privacy and information security policies, and they are binding for all employees of Personio. In addition to this, further company guidelines and procedures have been implemented in order to give employees specific instruction regarding the processing of personal data (e.g., guidelines on home-based work and telecommuting or guidelines on use of IT, Internet and e-mail).
b. Appointment of a Data Protection Officer pursuant to Art. 37 GDPR
Personio has appointed a Data Protection Officer and details of our Data Protection Officer can be found on our website. The Data Protection Officer works toward compliance with data privacy provisions and performs duties in accordance with Art. 39 GDPR.
c. Obligation to confidentiality and data privacy
All employees are obligated in writing, when their employment contract is issued or at the latest when they start work, to comply with confidentiality and data privacy, as well as other relevant laws. The obligation continues beyond the term of employment. Personio ensures appropriate written terms are in place with third parties in relation to aspects of confidentiality and data privacy.
d. Data privacy training sessions
Every employee of Personio receives regular security awareness training, and additional data privacy training. Employees from sensitive areas, such as the Human Resources, Product Development or Customer Service departments, also receive as needed separate information and training sessions on specific specialised topics.
e. Restriction of private and company use of communications devices
Personio employees are not allowed to use the company email system for private purposes. The internet and telephone services may be put to private use only subject to certain restrictions, and a strict separation of private and company data must be observed. Personio employees may access or process customer personal data and other customer data only on devices owned and managed by Personio; the use of private devices for this purpose is not permitted. Personio employees commit to comply with the corresponding guidelines.
f. Personnel security
Personio implements measures before, during and after employment to ensure staff security. As a rule, this includes:
● Verification and confirmation of stated academic and professional qualifications,
● Contractual agreements on determining responsibilities and rules for behaviour,
● Implementation of measures for training, raising awareness and monitoring,
● Process of raising awareness of and sanctions for breaches of data protection law, and
● Carrying out a documented off-boarding process (including taking back of keys, withdrawal of access rights, ensuring of sufficient documentation, surrender and passing on of data, information and knowledge, etc.) upon termination of the employment relationship.
2.2. Encryption of personal data
Guarantee that personal data are stored in the system only in a manner that does not enable third parties to assign it to the data subject.
a. Key management
Personio implements a guideline on the use of cryptographic procedures covering the use, protection and lifecycle of keys, as well as the use of encryption procedures according to the state of technology. According to this guideline, the master key is created and managed outside of the Infrastructure-as-a-Service provider used by Personio and outside of the data centre provider. Transfer of the key out of the virtual private cloud and its storage within the infrastructure used is carried out exclusively in encrypted form. Access to the key management system is automated and logged, and in the event of a specific suspicion the logs are checked for irregularities by staff authorised by Personio. Keys are rotated at regular intervals; the keys used until then are invalidated and removed immediately. Moreover, keys are strictly separated by network and database (e.g., a key is never transferred into another network). A regular security check ensures that the key rotation measures are effective and that old keys have been removed properly.
b. Database and memory encryption
All databases used by Personio use state-of-the-art encryption “at rest”, so that the stored data cannot be read by anyone who obtains the underlying storage volumes; logical access to the data additionally requires proper authentication on the respective database system. The storage media used to store documents are likewise encrypted at the file system level. Backups of the database systems are stored exclusively in encrypted form.
c. Transfer of data using encrypted data networks or tunnel connections (“data in transit”)
All personal data that is transferred from the Personio application to a customer or to other platforms over an unsecured or public network is transferred exclusively in encrypted form. This applies in particular to access to the customer system and to the administration system. Personio uses a state-of-the-art encryption method (currently HTTPS, i.e., HTTP over Transport Layer Security (TLS)); the protocol version and cipher suite actually negotiated depend on what the customer’s client supports (“downward compatibility”), so the customer is responsible for using end devices and browsers compatible with Personio’s encryption configuration. Administrative access to Personio’s server systems, as well as the transfer of backups, is carried out only over encrypted connections, e.g., Secure Shell (SSH) or a Virtual Private Network (VPN). A VPN connection is used for access to customer systems at all times. Only VPN servers under Personio’s direct control are used for this; the use of public VPN providers is not permitted.
d. Data carriers and mobile device control
Data carriers containing personal data are stored in secure locations that prevent access to these carriers by unauthorised persons.
Personal data stored on mobile devices and data carriers (in particular laptops and smartphones) must be encrypted. The use of any type of private internet or cloud storage for such data is prohibited, even temporarily. Confidential data is never stored on private storage media or end devices.
Personal data that is no longer required is deleted. Electronic storage media and paper documents that are no longer required are disposed of, destroyed or made unusable in such a way that it is no longer possible to gain knowledge of the data stored or contained on them.
e. Encryption of data carriers on laptops
An appropriate, state-of-the-art hard drive encryption is set up on all employee laptops.
f. Encrypted exchange of information and files
The exchange of information and files between customers and Personio takes place, as a rule, in directly encrypted form using the Personio application (see c.). If the customer’s personal data or confidential information that cannot be sent using TLS encrypted HTTPS uploads must be transferred to servers, then this information is transferred with Secure File Transfer Protocol (SFTP) or another state-of-the-art encrypted mechanism. The customer is responsible for requesting or providing this secure data transport, if needed.
g. Email encryption
In principle, all emails sent by Personio employees or from within Personio applications are transport-encrypted with TLS between the sending and receiving mail servers. There may be exceptions if the receiving mail server does not support TLS; the customer must therefore ensure that the mail servers used for the software service support TLS encryption. Note that TLS protects the message on the hop between mail servers, not the message content at rest in the mailboxes.
2.3. Admission control
Denying admission to IT systems and processing facilities with which the processing is carried out to unauthorised persons.
a. Electronic door protection
As a rule, the entry doors to Personio’s premises are locked and electronically secured. The doors are opened using a personal electronic key.
b. Controlled key assignment
Key assignment to Personio employees is handled centrally and documented. These electronic keys can be deactivated centrally by workplace management or human resources department.
c. Supervision and accompaniment of external persons
External parties may only enter with prior authorisation and accompanied by an employee of Personio.
d. Physical access control
Physical secure areas (zones) are defined on the basis of information security and data protection requirements. There is protection against unauthorised access by appropriate physical safeguards. The physical security concept distinguishes between public areas, controlled areas and high risk zones, which are further restricted internal areas.
Secure zones are defined on the basis of the protection needs of the information assets housed or made accessible within them.
Depending on the specific zone classification, selected or all of the following security features are implemented:
● Access restriction through personalised access,
● Video surveillance and door-open sensors at access points,
● Privacy screens or view guards in front of potentially confidential information, and
● Further access restriction for high-risk zones.
e. Visitors and delivery
Visitor and delivery procedures are in place to prevent unauthorised persons from accessing internal areas unaccompanied by a current employee of Personio; the details of each visitor are also recorded.
2.4. Access controls
Prevention of unauthorised use and processing of protected data under data privacy law.
a. Authentication Mechanisms
All data processing systems are equipped with a secure authentication mechanism, such as password protection and multi factor authentication (MFA). Defined procedures are employed to authorise access to information, adhering to the principle of need-to-know. Special protocols are established for granting access rights to privileged systems, such as those controlling critical processes or managing access rights for other systems.
b. Secure Password Policies
For authentication on data processing systems (IT systems), stringent password policies are implemented. Passwords must be resilient against dictionary attacks and must not contain consecutive letters or digits. Passwords are changed promptly upon suspicion of compromise, and previous passwords may not be reused. Two-factor authentication is enforced in addition.
c. Clear Desk & Screen Policy
A “clear desk & screen policy” is enforced to maintain physical security standards. When leaving the workplace, all computers in use must be locked (screen lock); in addition, screen locks are activated automatically after at most 5 minutes of inactivity. Employees are encouraged not to print documents containing confidential information, and such documents must not be left open or unattended on desks or in freely accessible storage areas, reducing the risk of unauthorised access.
d. Designation of persons authorised to support and give instructions and corresponding authentication
The customer can designate, via the system settings, the persons authorised to request support and to give instructions to Personio in accordance with the contractual documentation. Such persons are identified by the contact data stored in Personio (e.g., name, email address, telephone number, user identifier). Personio’s customer service team accepts instructions from, and discloses information to, these designated persons only, and verifies their identity in advance. For telephone queries, the individual telephone PIN stored in Personio must be verified first.
e. Prohibition of disclosure of passwords and of use of “shared accounts”
The prohibition of disclosure of passwords applies both to users of Personio and to employees of Personio. The use of so-called “shared accounts” for access to customer, admin and administrative systems is likewise prohibited, i.e., only personal, individual user logins may be used when logging in to a system.
f. Use of anti-virus software
All IT systems of the company, or used within the company, including employees’ laptops, are equipped with anti-virus software that is updated regularly.
In principle, no computer may be operated without resident virus protection unless other, equivalent state-of-the-art security measures are in place. Prescribed security settings may not be deactivated or bypassed.
g. Public wireless networks and connection to the company network
Personio employees are strongly discouraged from connecting to public wireless networks; where they do so, they must use the VPN connection provided by the organisation.
2.5. Access control
Guarantee that the persons authorised to use an automated processing system only have access to the personal data included in their access authorisation.
a. Roles and authorisation concept
i. Roles and authorisation concept customer system
The customer’s administrators can configure a multilevel role concept for assigning rights, distinguishing between viewing, proposal and editing rights for individual users according to their function or department as modelled in Personio.
ii. Roles and authorisation concept admin system
Access to the admin system is, as a rule, restricted to trained employees in the customer service and product teams. Employees from the sales and finance teams can access customer systems via the admin system only during the trial period, or only the corresponding billing data; beyond that they cannot view customer data.
iii. Roles and authorisation server/ database system
The access to the server/database system is, as a rule, restricted to a limited number of trained employees in the product team.
b. Controls of access authorisation for Personio to customer systems by the customer
The customer has the option of deciding via the system settings in the customer system whether Personio can access the customer system. In this process, the authorisation of access is deactivated as a default setting, and it can be activated or deactivated at any time by Personio users who are authorised by the customer.
c. Assignment of access rights
At Personio, access rights are assigned as a rule according to the “need-to-know” principle: only persons who demonstrably need access receive it, and only for as long as they need it. Access authorisations are documented centrally and are withdrawn by the administrator immediately once the need for access has lapsed. Access is restricted to the minimum necessary privileges. Access to the admin system or the server/database system is granted by management, the senior leaders of the product organisation or the Information Security team, as a rule applying the four-eyes principle. The administrators or the Information Security team regularly check whether granted authorisations are still required. Moreover, supervisors are obligated to request appropriate correction of authorisations from the IT team when employees’ duties change. If employees leave the company, the Human Resources team notifies the administrators promptly of the pending change so that the corresponding authorisations can be withdrawn; where possible, authorisations are revoked within 24 hours of the employee’s departure.
d. Host-based intrusion detection system (HIDS)
Each server system is equipped with a host-based intrusion detection system. This system monitors at least the following: conspicuous system log entries, signatures of known rootkits and trojans, anomalies in the file system of the device, and brute-force attacks. All of these are assessed in real time except for modifications to file systems, which are verified at least once per day. In the case of anomalies, the responsible Personio employees are notified immediately by email.
e. Use of a packet filter firewall
Personio’s servers are protected by packet-filter firewalls, which ensure that no services are reachable directly from the internet. Publicly accessible services are routed through load balancers or bastion hosts, which permit only the protocols and ports needed for the respective system.
f. Logging of login and logout processes
Attempts to log in and out of admin, customer and server systems/software are logged (at least with email address, user ID, IP address, result of the login attempt and time stamp), and this log is currently stored for up to 30 days. These logs can be analysed on request and/or if there is a specific suspicion.
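The login records described above (and the brute-force monitoring named under 2.5 d.) lend themselves to a straightforward sliding-window detection. The following is an added example, not Personio’s code: it parses constructed sample records carrying the fields the text names (email address, user ID, IP address, result, timestamp) and flags brute force against one account, a success immediately following such a burst, and password spraying from one source against many accounts. The pipe-separated layout, the 10-minute window and the thresholds are assumptions.

```python
"""Brute-force and password-spray detection over login audit records.

Added example, not Personio's code. The record layout is a constructed
illustration of the fields named in the text; the field order, the 10-minute
window and the thresholds are assumptions.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log. One record per line:
# timestamp|system|email|user_id|source_ip|result
SAMPLE_LOG = """\
2024-05-01T08:00:01Z|customer|alice@example.com|1001|203.0.113.10|success
2024-05-01T08:00:05Z|customer|bob@example.com|1002|198.51.100.7|failure
2024-05-01T08:00:09Z|customer|bob@example.com|1002|198.51.100.7|failure
2024-05-01T08:00:14Z|customer|bob@example.com|1002|198.51.100.7|failure
2024-05-01T08:00:20Z|customer|bob@example.com|1002|198.51.100.7|failure
2024-05-01T08:00:27Z|customer|bob@example.com|1002|198.51.100.7|failure
2024-05-01T08:00:33Z|customer|bob@example.com|1002|198.51.100.7|success
2024-05-01T08:05:00Z|admin|carol@example.com|2001|192.0.2.44|failure
2024-05-01T08:05:03Z|admin|dave@example.com|2002|192.0.2.44|failure
2024-05-01T08:05:06Z|admin|erin@example.com|2003|192.0.2.44|failure
2024-05-01T08:05:09Z|admin|frank@example.com|2004|192.0.2.44|failure
2024-05-01T08:05:12Z|admin|grace@example.com|2005|192.0.2.44|failure
2024-05-01T08:05:15Z|admin|heidi@example.com|2006|192.0.2.44|failure
2024-05-01T09:30:00Z|customer|alice@example.com|1001|203.0.113.10|failure
2024-05-01T09:45:00Z|customer|alice@example.com|1001|203.0.113.10|success
"""


def parse_records(text):
    """Parse pipe-separated records into dicts with a timezone-aware timestamp.
    A record with the wrong number of fields is a logging defect, so fail loudly."""
    records = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        fields = line.split("|")
        if len(fields) != 6:
            raise ValueError(f"line {lineno}: expected 6 fields, got {len(fields)}")
        ts, system, email, user_id, ip, result = fields
        records.append({"ts": datetime.fromisoformat(ts.replace("Z", "+00:00")),
                        "system": system, "email": email, "user_id": user_id,
                        "ip": ip, "result": result})
    return records


def _evict(entries, now, window, stamp=lambda item: item):
    """Drop entries that fell out of the sliding window (oldest first)."""
    while entries and now - stamp(entries[0]) > window:
        entries.popleft()


def detect(records, window=timedelta(minutes=10), fail_threshold=5, spray_threshold=5):
    """Return findings of type brute_force, success_after_burst and password_spray.
    Each key is reported once so a long attack does not flood the responders."""
    fails_by_ip_user = defaultdict(deque)   # (ip, user_id) -> failure timestamps
    fails_by_ip = defaultdict(deque)        # ip -> (timestamp, user_id) of failures
    reported, findings = set(), []
    for r in sorted(records, key=lambda rec: rec["ts"]):
        ip_user = (r["ip"], r["user_id"])
        if r["result"] == "failure":
            per_user = fails_by_ip_user[ip_user]
            per_user.append(r["ts"])
            _evict(per_user, r["ts"], window)
            if len(per_user) >= fail_threshold and ("bf", ip_user) not in reported:
                reported.add(("bf", ip_user))
                findings.append({"type": "brute_force", "system": r["system"], "ip": r["ip"],
                                 "user_id": r["user_id"], "failures": len(per_user),
                                 "first": per_user[0], "last": r["ts"]})
            per_ip = fails_by_ip[r["ip"]]
            per_ip.append((r["ts"], r["user_id"]))
            _evict(per_ip, r["ts"], window, stamp=lambda item: item[0])
            accounts = {uid for _, uid in per_ip}
            if len(accounts) >= spray_threshold and ("spray", r["ip"]) not in reported:
                reported.add(("spray", r["ip"]))
                findings.append({"type": "password_spray", "system": r["system"], "ip": r["ip"],
                                 "accounts": len(accounts), "first": per_ip[0][0], "last": r["ts"]})
        elif r["result"] == "success":
            # A success right after a burst of failures is the case that needs a human:
            # the guess may have been correct, so the account should be reviewed.
            per_user = fails_by_ip_user.get(ip_user)
            if per_user and len(per_user) >= fail_threshold and r["ts"] - per_user[-1] <= window:
                findings.append({"type": "success_after_burst", "system": r["system"],
                                 "ip": r["ip"], "user_id": r["user_id"],
                                 "failures": len(per_user), "at": r["ts"]})
                per_user.clear()
    return findings


if __name__ == "__main__":
    for f in detect(parse_records(SAMPLE_LOG)):
        print(f["type"], f["system"], f["ip"], f.get("user_id", ""), f.get("failures", f.get("accounts")))
```

On the sample, the burst against user 1002 is reported once when the fifth failure arrives, the following success is reported as a review candidate, and the single source hitting six admin accounts is reported as a spray; the isolated failure for user 1001 stays below the threshold. Because records are kept for only 30 days, a detection like this has to run inside that window or the evidence is gone.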
2.6. Separability
Guarantee that personal data collected for different purposes can be processed separately and are separated from other data and systems so as to prevent unplanned use of these data for other purposes.
a. Separation of development, test and operating environments
Data from the operating environment may be transferred to test or development environments only if it has been completely anonymised before transfer. Anonymised data must be transferred in encrypted form or over a trusted network. Software that is to be transferred into the operating environment must first be tested in an identical test environment. Programs for error analysis or for building/compiling software may be run in the operating environment only if this cannot be avoided. This is the case above all when an error depends on data that has been altered by the anonymisation required for transfer into test environments.
b. Separation in networks
Personio separates its networks according to their tasks. The following networks are used permanently: operating environment (“production”), testing environment (“staging”), office IT for employees, and office IT for guests. In addition, further separate networks are created as needed, e.g., for restore tests and penetration tests. Separation of networks is achieved, according to technical possibilities, either physically or using virtual networks.
c. Customer separation by software
Personio ensures the separate processing and storage of different customers’ data using logical customer separation based on a multi-tenancy architecture. Data is classified and identified by assigning a unique identifier to each customer (e.g., customer number / “company ID”). The architecture is safeguarded by integration tests which ensure that no database query is executed without being scoped to this identifier, minimising the risk that client separation is bypassed through programming errors. In addition, regular security audits and mandatory code reviews (four- or six-eyes principle) protect the architecture.
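The control described above (every query scoped to the tenant identifier, enforced by tests rather than by hoping each developer remembers) can be made concrete in a small data-access layer. The following is an added example, not Personio’s code: it assumes a schema in which every customer-owned table carries a company_id column and a repository in which all SQL is registered centrally; the table, rows and statement names are constructed. It shows a syntactic pre-check, a result check that catches predicates the pre-check cannot see, and an isolation test that runs the whole registry against a two-tenant fixture.

```python
"""Tenant-scoping guard and isolation test for a multi-tenant data layer.

Added example, not Personio's code. It assumes a schema in which every
customer-owned table carries a company_id column, and a repository layer in
which all SQL lives in a registry (QUERIES) so every statement can be checked;
the table, the sample rows and the statement names are constructed.
"""
import re
import sqlite3

TENANT_COLUMN = "company_id"
# Every statement must bind the tenant column to the :company_id parameter.
# This regex is only a cheap pre-check (it cannot see an "OR ..." that widens
# the predicate); the row check in execute_scoped and the isolation test below
# are the controls that actually catch mistakes.
TENANT_PREDICATE = re.compile(rf"\b{TENANT_COLUMN}\s*=\s*:{TENANT_COLUMN}\b", re.IGNORECASE)


class TenantScopeError(Exception):
    """Raised when a statement could return rows of another tenant."""


# Registry of approved statements. Each selects company_id first so results can be audited.
QUERIES = {
    "employees_by_department": ("SELECT company_id, name FROM employees "
                                "WHERE company_id = :company_id AND department = :department"),
    "employee_by_id": ("SELECT company_id, name FROM employees "
                       "WHERE id = :id AND company_id = :company_id"),
}
# Two programming errors the guard must catch: a forgotten predicate, and a
# predicate that is present but widened by OR so it still mixes tenants.
UNSCOPED_QUERY = "SELECT company_id, name FROM employees WHERE department = :department"
WIDENED_QUERY = ("SELECT company_id, name FROM employees "
                 "WHERE company_id = :company_id OR department = :department")


def is_scoped(sql):
    return TENANT_PREDICATE.search(sql) is not None


def execute_scoped(conn, company_id, sql, params=None):
    """Run sql on behalf of exactly one tenant and return its rows."""
    if not is_scoped(sql):
        raise TenantScopeError(f"statement not scoped to {TENANT_COLUMN}: {sql}")
    bound = dict(params or {})
    if bound.get(TENANT_COLUMN, company_id) != company_id:
        raise TenantScopeError("caller tried to override the session tenant")
    bound[TENANT_COLUMN] = company_id          # the session, not the caller, decides the tenant
    rows = conn.execute(sql, bound).fetchall()
    leaked = [row for row in rows if row[0] != company_id]   # defence in depth: verify the result
    if leaked:
        raise TenantScopeError(f"{len(leaked)} row(s) belong to another tenant")
    return rows


def build_fixture():
    """Constructed two-tenant fixture; both tenants have the same departments,
    so any statement that is not tenant-scoped is guaranteed to mix them."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE employees (id INTEGER PRIMARY KEY, company_id INTEGER NOT NULL, "
                 "department TEXT NOT NULL, name TEXT NOT NULL)")
    conn.executemany("INSERT INTO employees (company_id, department, name) VALUES (?, ?, ?)", [
        (1, "engineering", "Alice"), (1, "finance", "Bob"),
        (2, "engineering", "Carol"), (2, "finance", "Dave"),
    ])
    return conn


SAMPLE_PARAMS = {"employees_by_department": {"department": "engineering"},
                 "employee_by_id": {"id": 3}}


def verify_tenant_isolation(conn, queries, sample_params):
    """Integration-test style check over the whole registry: every statement is run
    for every tenant and must be scoped and return only that tenant's rows.
    Returns the names that passed; raises TenantScopeError on the first failure."""
    tenants = [row[0] for row in conn.execute("SELECT DISTINCT company_id FROM employees")]
    passed = []
    for name, sql in queries.items():
        for company_id in tenants:
            execute_scoped(conn, company_id, sql, sample_params.get(name, {}))
        passed.append(name)
    return passed


if __name__ == "__main__":
    db = build_fixture()
    print("passed:", verify_tenant_isolation(db, QUERIES, SAMPLE_PARAMS))
    for bad in (UNSCOPED_QUERY, WIDENED_QUERY):
        try:
            execute_scoped(db, 1, bad, {"department": "engineering"})
        except TenantScopeError as exc:
            print("rejected:", exc)
```

The widened statement is the instructive case: it passes the regex, so a purely syntactic code-review rule would accept it, yet running it for tenant 1 returns Carol from tenant 2 and the result check rejects it. That is why the isolation test executes every registered statement against a fixture in which both tenants have overlapping data, rather than only inspecting the SQL text.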
Measures to ensure integrity
Integrity designates the ensuring of intactness (integrity) of data and the correct operability of systems.
2.7. Control of transport and disclosure
Guarantee that the confidentiality and integrity of data is protected when transferring personal data, as well as when transporting data carriers.
a. Pseudonymisation and anonymisation
Measures for pseudonymisation and anonymisation of personal data are implemented to the extent necessary. Data in development environments used for testing purposes is anonymised or pseudonymised wherever possible.
b. Transfer and dissemination control
Mechanisms to secure data traffic and communication connections, as well as to monitor and log activities in networks, have been established to the necessary extent. Where appropriate, firewalls and intrusion detection and prevention systems (IDS/IPS) are implemented.
Personal data transmitted via public communication networks is encrypted in transit (see 2.2 c.). When establishing secure connections (VPN tunnels) that provide access to IT resources via public networks, two-factor authentication is employed as standard practice. When personal data stored on data carriers is transported, encryption is used, among other measures, to safeguard the data against unauthorised access, manipulation or loss.
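How production data can be made fit for a test environment, as required both here and under 2.6 a., is shown by the following added example (not Personio’s code). Direct identifiers are replaced by HMAC-SHA256 pseudonyms, which stay consistent across tables so joins still work but can only be linked back by whoever holds the key; quasi-identifiers (date of birth, salary) are generalised into bands so they no longer single out a person. The record fields, sample rows and band widths are constructed assumptions, and the key is hard-coded here only for the demonstration.

```python
"""Keyed pseudonymisation of HR records before copying them to a test environment.

Added example, not Personio's code. Record fields, sample data and band widths
are constructed assumptions. HMAC pseudonyms are reversible by the key holder,
so this is pseudonymisation, not anonymisation: the key must never reach the
test environment.
"""
import hashlib
import hmac
import json

# Constructed sample: two production tables that must stay joinable after the transfer.
EMPLOYEES = [
    {"employee_id": "E-1001", "email": "alice@example.com", "date_of_birth": "1988-04-12",
     "salary": 61250, "department": "engineering"},
    {"employee_id": "E-1002", "email": "bob@example.com", "date_of_birth": "1975-11-30",
     "salary": 84000, "department": "finance"},
]
ABSENCES = [
    {"employee_id": "E-1001", "type": "sick", "days": 3},
    {"employee_id": "E-1001", "type": "vacation", "days": 10},
    {"employee_id": "E-1002", "type": "vacation", "days": 5},
]


def pseudonym(value, key, domain):
    """Deterministic keyed token. The domain prefix separates fields, so the same
    string in two different columns yields two different tokens. 16 hex chars
    (64 bits) avoids collisions in an HR dataset while staying readable."""
    mac = hmac.new(key, f"{domain}:{value}".encode("utf-8"), hashlib.sha256).hexdigest()
    return f"{domain}-{mac[:16]}"


def birth_decade(date_of_birth):
    """'1988-04-12' -> '1980s': keeps the rough age distribution, drops the exact date."""
    year = int(date_of_birth[:4])
    return f"{year - year % 10}s"


def salary_band(salary, width=10_000):
    """61250 -> '60000-69999'."""
    lower = (salary // width) * width
    return f"{lower}-{lower + width - 1}"


def pseudonymise(employees, absences, key):
    """Return test-environment copies of both tables, joinable via the pseudonymous employee_id."""
    emp_out = [{
        "employee_id": pseudonym(e["employee_id"], key, "emp"),
        # keep the column shaped like an address so mail-related code paths still run,
        # on a reserved domain that can never deliver
        "email": pseudonym(e["email"], key, "mail") + "@test.invalid",
        "birth_decade": birth_decade(e["date_of_birth"]),
        "salary_band": salary_band(e["salary"]),
        "department": e["department"],
    } for e in employees]
    abs_out = [{**a, "employee_id": pseudonym(a["employee_id"], key, "emp")} for a in absences]
    return emp_out, abs_out


def leaks_direct_identifiers(pseudonymised_tables, originals):
    """Pre-transfer gate: no original email or employee ID may appear anywhere in the output."""
    dump = json.dumps(pseudonymised_tables)
    return any(o["email"] in dump or o["employee_id"] in dump for o in originals)


if __name__ == "__main__":
    key = b"constructed-demo-key-keep-out-of-test-env"   # in practice: from the KMS, never in the repo
    emp, ab = pseudonymise(EMPLOYEES, ABSENCES, key)
    print(json.dumps(emp, indent=1))
    print("leak:", leaks_direct_identifiers((emp, ab), EMPLOYEES))
```

The leak check is the part to wire into the transfer pipeline: if it returns true, the export must not leave the production network. Note also the caveat implied by 2.6 a.: generalisation changes values, so a production bug that depends on an exact date or amount may not reproduce on the pseudonymised copy.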
c. Prohibition of disclosure to unauthorised third parties
Disclosure of personal data at the customer’s order may take place only within the scope of the customer’s instructions and to the extent required for the provision of the contractual services. Disclosure of personal data from the assignment to unauthorised third parties, e.g., by storing it in another cloud storage service, is expressly prohibited.
2.8. Input control
Guarantee that it can be verified and determined afterward which personal data have been input or modified in the automated processing system when and by whom.
a. Logging of system activities within the admin and customer system, as well as assessment
Significant system activities are logged (at least: user ID, rights according to role concept, IP address, system components or resources, type of activities carried out, as well as timestamp) and currently kept for up to 30 days. This includes especially the input, modification and deletion of data, users and authorisations, as well as the modification of system settings. If requested or if there is a specific suspicion, an appropriate analysis of the logs can be conducted.
Measures to ensure availability
Services, functions of an IT system, IT applications or IT networks or also information are available if these can always be used as intended by the users.
2.9. Availability controls
Guarantee that personal data are protected from accidental destruction or loss.
a. Data security procedures/ backups
To ensure appropriate availability, Personio implements a backup concept in accordance with the state of technology for the database holding the customer’s data, which is backed up at least every 30 days, as well as for the storage medium holding the corresponding documents.
Backups of databases and operating system images are taken to the extent required, with the aim of preventing the loss of personal data in the event of a technical malfunction or human error. Backups are performed for network drives and servers in productive operation, and their execution is logged and monitored. Recovery from backups is tested periodically.
b. Geo-redundancy in relationship with server infrastructure of the productive data and backups
To ensure geo-redundancy in the event of an unforeseen event, e.g. a natural disaster, Personio ensures that appropriate requirements for spatial separation in relation to the server infrastructure of the production data and backups are observed. This can be ensured by using different computer centres at sufficient distances or by computer centres of different availability zones.
c. Capacity management
There is capacity management including monitoring and automatic notifications of responsible Personio employees in the event of capacity bottlenecks.
d. Warning systems for monitoring of the accessibility and conditions of the server systems
There are warning systems for monitoring of the accessibility and conditions of the server systems. If there is downtime, engineering is notified automatically so they can take troubleshooting measures immediately.
e. IT malfunction management (“incident response management”)
There is a concept and documented procedures for handling malfunctions and security-related incidents.
These include especially the planning and preparation of response to events, procedures for monitoring, detection and analysis of security-related incidents, as well as the determination of the corresponding responsibilities and channels for reporting in the event of a breach of protection of personal data in the context of legal requirements.
f. Further measures to ensure the availability in data centres
An automatic fire detection and fire-fighting system is installed in the data centre. The fire detection system uses smoke sensors throughout the data centre environment, in the mechanical and electrical areas of the infrastructure, in cooling rooms and in the rooms housing the generators. All power supply systems are redundant. An uninterruptible power supply (UPS) keeps the critical areas of the facilities supplied with electricity in the event of a power failure, and the data centre is equipped with generators that can supply the entire facility with emergency power. The data centre is also equipped with climate and temperature control. Preventive maintenance is carried out to guarantee the continued operation of the facilities.
2.10. Recoverability
Guarantee that systems used can be recovered in the event of physical or technical malfunctions.
a. Regular tests of data recovery (“restore tests”)
Regular, complete restore tests are conducted to ensure the recoverability in the event of an emergency/ catastrophe.
b. Emergency plan (“disaster recovery concept”)
There is a concept for handling emergencies/ catastrophes, as well as an appropriate emergency plan. Personio ensures the recovery of all systems on the basis of data security/ backups, as a rule within 24 hours.
Measures for verification and evaluation
Presentation of procedures for regular verification, assessment and evaluation of the effectiveness of technical and organisational measures.
a. Data Privacy and Information Security Team
A data privacy and information security team is set up for planning, implementing and assessing measures in the field of data protection and data security and making adjustments.
b. Risk Management
There is a process for analysis, assessment and classification of risks in order to derive measures based on these risks and regularly assess the effectiveness of these measures in the context of Personio’s data protection and information security management system.
c. Independent verification of information security
i. Conducting audits
Internal audits of data protection and information security are conducted annually by an external party, ensuring an independent and unbiased review of the security programme. The audits are conducted against common audit criteria and schemes, in particular the legal requirements of the GDPR and the requirements of international standards such as ISO/IEC 27001.
ii. Verification of compliance with security guidelines and standards
Compliance with the security guidelines, standards and other security requirements applicable to the processing of personal data is verified regularly. Where possible, these checks are carried out unannounced and on a random-sample basis.
iii. Verification of compliance with technical requirements
A member of the Information Security team conducts regular automated and manual scans for vulnerabilities to verify the security of applications and infrastructure, as well as the regular on-going development of the product. An external service provider conducts detailed penetration tests as needed in order to inspect applications and infrastructure in a targeted manner for vulnerabilities.
iv. Process for continual improvement of the data privacy and information security management system
The data protection and information security processes also include a regular verification and assessment of the technical and organisational measures taken. This also includes an improvement and suggestion system in which employees can participate. In this manner Personio guarantees continuous improvement of the processes for handling personal data.
d. Control of assignments
Guarantee that personal data that are processed on assignment can only be processed according to the customer’s instructions.
i. Processing on instructions
Personio employees are instructed to process the customer’s personal data only if there are documented instructions from an authorised Personio user. In accordance with applicable documentation, Personio may receive the customer's instructions in writing, or in the electronic formats offered for this purpose by Personio. Oral instructions are only permitted if time is short, and the customer must confirm them promptly in writing or in an electronic format offered by Personio.
ii. Diligent selection of suppliers
The engagement of suppliers is handled when outsourcing on the basis of a diligent selection process in collaboration with the Information Security team, Procurement team, the Privacy and Legal team according to established criteria, especially regarding data protection and IT security, including but not limited to the following:
● Checking of documentation and compliance with technical and organisational measures pursuant to Art. 32 GDPR
● According to the level of protection and scope of the personal data, if possible, commissioning of only ISO/IEC 27001 certified companies (this applies in all cases for data centres). A risk assessment is likewise conducted for the respective suppliers to prevent risks during the process, if the third-party provider works regularly with personal data.
iii. Processing by assignment pursuant to Art. 28 GDPR
The use of a subcontractor may only take place in accordance with the data protection terms agreed between Personio and the customer in accordance with Art. 28 GDPR.
iv. Conducting regular checks/ Requiring evidence
Before the procurement of any new sub-contractor and afterwards at regular intervals Personio will make sure of compliance with technical and organisational measures by the sub-contractors that it employs or have evidence of these submitted.
General information
Pursuant to Article 32 of the GDPR, Personio implements a series of technical and organisational measures to ensure a level of protection appropriate to the risk to the rights and freedoms of natural persons.
Additionally, pursuant to Article 46 of the GDPR, Personio implements additional technical and organisational measures based on the recommendations on supplementary measures developed by the European Data Protection Board for the transfer of personal data to third countries. Such measures are implemented to satisfy the judgement of the Court of Justice of the European Union in Case C-311/18, also known as Schrems II, related to the use of legal instruments for the transfer of personal data to third countries.
The additional technical and organisational measures are necessary as Personio GmbH & Co. KG ("Personio") may transfer personal data to its subsidiary based in the United States, Personio Corp. It is important to note that all customer personal data resides in the EU.
Technical and organisational measures according to Art. 32 GDPR
Personio has taken the following additional technical and organisational measures within the meaning of Article 32 of the GDPR and the supplementary measures following Schrems II.
1. Measures to ensure confidentiality
Guarantee that the in-house organisation meets the special requirements of data privacy when dealing with data transfers between Europe (European Union and the UK) and third countries.
1.1 Transport encryption
a. Policy directive
Personio’s information security policies mandate the encryption of personal data both in transit and at rest. Policy measures define how personal data is protected when an employee resides in a third country.
b. Zero-trust based access technology implementation
Further measures are in place when handling personal data. In such cases two layers of encryption are deployed: the application layer encrypts traffic using TLS v1.2 or higher, and the network layer encrypts traffic using Zero-Trust based access technology.
1.2 Access restrictions
a. Role and authorisation concept
The role and authorisation concept was updated to ensure the differentiation between Personio members of staff situated in Europe and in third countries. Access from third countries is restricted and segmented.
b. Network segregation
Systems that process and store personal data are identified and protected with location-aware authentication. Access to such systems is only possible when using the company-provided Zero-Trust access technology.
c. Technology enforcement
Personio’s computers are hardened with centralised management software in the form of endpoint protection. This enforces the application of security guidelines and the use of Zero-Trust based access by employees residing in third countries.
1.3 Data transfer restrictions
a. Policy directive
Personio’s information security policies include rules that control the movement of personal data to a third country.
b. Device control
Personio’s computers are technically configured to block data transfers to removable media, such as USB sticks and external hard drives.
1.4 Kill switch mechanism
a. Access revocation process
A process for revoking access is in place in case access to personal data by personnel residing in a third country must be cut off immediately. Management and execution of this process reside in Europe, and no third-country personnel are required to carry out the enforcement.
b. Technical procedures
Personnel within Europe follow documented and proven technical procedures in order to execute the revocation process whenever it is required. The process is reviewed periodically by Management as part of the security programme’s continuous improvement process.
1.5 Global access management in the EU
a. Policy directive
Security policies have been enhanced to require that, for all systems containing personal data, technical administration is also performed by personnel within Europe.
b. Centralised access management
At all times, for all systems containing personal data, personnel employed within Europe perform system administration tasks alongside employees residing in third countries. This ensures that the access revocation process can be applied to any administrator residing in a third country.
Version 30-04-2024