Data Privacy

img

Data Security

Securing client data is crucial to People Intouch’s business. Some key elements of our approach to Data Security:

  • A Security Policy,
  • An internal Security Officer (CISSP certified) reporting directly to management
  • An external advisory security expert group
  • Regular penetration testing (at least annually)
  • Regular code inspection (at least annually)
  • Security and Data Protection certificates (ISAE3000, EuroPriSe)
  • High level encryption
  • All data is processed on servers in The Netherlands
  • A second Data Centre for disaster recovery

Servers

All the data is stored on servers in the Netherlands (EU). The servers are housed in two certified datacentres. People Intouch owns and hosts the servers.

People’s Business

Working with and processing confidential information is our core business. Confidentiality is what  our day-to-day work is all about.

Need to Know

All access to data has been set-up and is controlled following the need-to-know principle.

ISAE3000 and EuroPriSe

On top of our  ISAE3000 assurance, People Intouch was  granted the European Privacy Seal (EuroPrise). Quoted from EuroPriSe themselves: “EuroPriSe has developed into a well-established and renowned certification program for IT products, services and websites with its network of 100 accredited experts in 18 countries. At this time, when there is less than a year to go until the General Data Protection Regulation becomes applicable, EuroPriSe awaits its accreditation as a certification body under the GDPR. The idea of a European Privacy Seal assumed shape in 2004 when trust and accountability increasingly became  factors and data protection their essential conveyor. EuroPriSe was first introduced as an EU-funded project. The EuroPriSe project phase lasted from 2007 until 2009. During that period, a general framework for the European Privacy Seal was established and is essentially valid until today. Three data protection authorities (DPAs) took part in the initial set-up of the certification criteria and procedures, namely the DPAs of Schleswig-Holstein/Germany (ULD), France (CNIL) and the community of Madrid (APDCM).

From 2009 until 2013, EuroPriSe was operated by ULD. Today, the European Privacy Seal stands on its own feet, profiting from its advisory board including current and former high-level representatives of several European DPAs

For both the ISAE 30000 assurance as for EuroPriSe, we have chosen to include all essential parts of services. Included in the scope are:

  • Global Web reporting system
  • Global Phone reporting system
  • Case Management system
  • Translation process (70 languages)
  • Systems and processes
  • Third Parties
  • Privacy advice

Privacy and GDPR

People Intouch started the company as a European alternative to the US call-centre solutions. We focussed on the issues that  lie at the core of the Continental European culture. Privacy was one of them.  This is reflected in:

  • The design of our systems
  • Privacy compliance in our Data Protection Agreement
  • Ready at hand privacy-proof documentation and templates
  • Privacy advice

We are prepared for the GDPR, and this will be confirmed in the renewal of our EuroPriSe certification.