ISOPlanner and GDPR
ISOPlanner is compliant with the EU General Data Protection Regulation [GDPR].
Privacy by Design
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of personal data, username, password, transaction information and data stored on our servers.
Sensitive and private data exchanges between ISOPlanner and its users happen over a TLS secured communication channel (also known as SSL) and is encrypted and protected with digital signatures. All personal data stored on our servers is encrypted at rest.
We’ve partnered with various providers to offer a reliable service. All of our partners have a great security track record, take personal data privacy seriously, and are fully compliant with GDPR. We have a Data Processing Agreement (DPA) with each of them.
To be fully transparent, here is the complete list of providers who come in direct contact with our users’ personal data:
Rights of the data subject
Our users have the right to access, correct, export and delete their personal data. They may request an export of their personal data (structured and machine readable format) by contacting us at firstname.lastname@example.org. We will respond to and proceed with requests within 30 days.
Data Processing Agreement
Find our Data Processing Agreement here: ISOPlanner DPA September 2022