GDPR Compliance

Building software with a difference

ISArc is committed to General Data Protection Regulation compliance

On 25th May 2018, a comprehensive new set of rules known as General Data Protection Regulation (GDPR) will come into effect in the European Union (EU), redefining the way ISArc and all other companies that deal with individuals based anywhere in Europe collect, store, and share personal data.

We consider every element of customer data equally private and have designed our security envelope with that in mind. ISArc has the following security and compliance monitoring standards and procedures:  

  • Defined and documented organizational security standards and procedures.
  • All employees and contractors required to sign a confidentiality agreement.
  • Background checks for all employees that have access to customer data.
  • Timely removal of access to customer data from any employee or contractor that leaves the company or who no longer requires access.
  • Ongoing staff training on all internal security policies and general security awareness.
  • ISO 27001 certified, ensuring the highest possible standards in data security.
  • Only using top-tier hosting providers that protect customer data from external threats.
  • We continually perform vulnerability testing against threat and attack vectors to detect any security vulnerabilities in payment processes, to avoid ransomware, and other threats.

Our customers can rest assured that we adopt and meet not just current requirements, but also regulations as they evolve.