
Technical and organisational measures (TOMs)

All technical and organisational measures (TOMs) taken by us for the secure operation of our service can be found here.

  1. Data Protection Management, Rights of Data Subjects, Privacy by Design and Data Protection regarding Employees
  2. Fundamental measures that are aimed at safeguarding the rights of data subjects, immediate reaction in emergencies, the requirements of privacy by design and data protection with regard to employees:

    • There is an in-house data protection management system, compliance with which is constantly monitored and evaluated on a case-by-case basis and at least every six months.
    • There is a security concept that guarantees the protection of the rights of the data subjects (information, correction, deletion or restriction of processing, Data transfer, revocation & objections) within the legal time limits. It includes forms, instructions and implementation procedures set up, as well as the appointment of the persons in charge of implementation.
    • A security concept exists that guarantees an immediate reaction to data breaches (evaluation, documentation, reporting) in accordance with legal requirements. It includes forms, instructions and implementation procedures set up, as well as the designation of the persons in charge of implementation.
    • The protection of personal data is already incorporated in the development or selection of hardware, software and processes, taking into account the state of the art, the cost of implementation and the nature, scope, context and purpose of processing as well as the risks of varying likelihood and severity for rights and freedoms of natural persons posed by the processing, in accordance with the principle of data protection by design and by default (Art. 25 GDPR).
    • The software used is always kept up to date, as are virus scanners and firewalls.
    • The cleaning personnel, security guards and other service providers involved in the performance of ancillary business tasks are carefully selected and it is ensured that they comply with the protection of personal data.
  3. Physical Access Control
  4. Measures to prevent unauthorised persons from accessing data processing facilities with which personal data is processed:

    • A "paperless office" is maintained and documents are only stored digitally and only in exceptional cases in paper form.
    • With the exception of workstations and mobile devices, no data processing systems are maintained in the company's own business premises. The Controller's Data is stored at external hosting providers in compliance with the specifications for processing on behalf of other Controllers.
    • Server location: Electronic access control system (personal transponder, division into zones, onboarding process, electric door opener at the entrance door and self-closing outside doors, in the data centre additionally separation lock and alarm for non-closed doors)
    • Server location: Specific access regulations for groups of persons (registration of visitors at reception, support of visitors by internal employees, additional access in the computer centre after prior personal registration as well as locked server rooms with access authorisation for authorised personnel only)
    • Server location: Surveillance and alarm system (use of an alarm system and connection of security guards, in the event of an alarm monitoring is carried out by on-site security guards, in the datacentre additionally video surveillance of the corridors by its operator)
  5. Control of Access to Processing Systems
  6. Measures to prevent the use of data processing systems by unauthorised persons:

    • There is a rights management concept with which the access authorizations of employees, representatives and other persons (e.g. users within the system) are defined and only reach as far as they are required for the specified purpose.
    • All data processing systems are password protected.
    • There is a password policy that stipulates that passwords must have a minimum length and complexity that corresponds to the state of the art and security requirements.
    • Registrations in the processing systems are logged.
    • Anti-virus software is implemented.
    • Hardware firewalls are implemented.
    • Software firewalls are implemented.
    • The website and/or access to online software services are protected by an up-to-date TLS/SSL encryption.
    • The internal systems are protected against unauthorized access by firewall, user name and password and/or client certificates.
    • There is a limitation of failed login attempts to internal systems (e.g. blocking logins or IP addresses).
    • Server systems and services with intrusion detection systems are used
    • If technically supported, two-factor authentication is used.
    • Server location: Access to internal systems is restricted by firewall or VPN systems
    • Server Location: Encryption techniques are used to secure user authentication and administration processes over the Internet.
    • Server location: Remote data access to production devices requires a connection to the company network, which is secured by VPN systems.
    • Server location: A formal process exists to allow or deny access to resources. Various access protection mechanisms help to provide secure and flexible access.
    • Server location: Access rights are assigned or changed on the basis of a rights management concept.
  7. Control of Access to Data and Input of Data
  8. Measures to ensure that those entitled to use a Data processing system can only access the Data covered by their access authorisation and that personal data cannot be entered, inserted, read, copied, modified or removed without authorisation during processing, use and after storage; and measures to enable the processing operations to be subsequently reconstructed:

    • There is a rights management concept with which the access authorizations of employees, representatives and other persons (e.g. users within the system) are defined and only extend as far as they are required for the specified use.
    • Logging of every single step of Data processing, especially access to applications, especially during Data entry, modification and deletion.
    • Logging of every single step, especially access to applications, especially when inputting, changing and deleting Data.
    • Data carriers are stored securely.
    • There is a deleting and disposal concept in accordance with DIN 66399 (or an adequate deletion and destruction level) with defined responsibilities and reporting obligations. Employees were informed about legal requirements, deletion periods and specifications for Data deletion or equipment disposal by Data destruction service providers.
    • The processing of Data that is not deleted (e.g. as a result of statutory archiving obligations) is restricted by restriction notes and segregation.
    • Server location: Access through personalized accounts based on a rights management concept.
    • Server location: accesses are logged.
    • Server location: System and application log files are stored and administrative activities recorded for input control (logging).
  9. Data transfer control
  10. Measures to ensure that personal data cannot be read, copied, altered or removed without authorisation during electronic transmission or during transport or storage on data carriers and that it is possible to check and establish to which points personal data is to be transmitted by data transmission devices

    • The persons authorised to hand over data carriers and the persons authorised to receive them shall be determined.
    • In the case of physical transport, secure transport containers or packaging are chosen, or the security of the Data is guaranteed by personal supervision, provided that this is sufficient in view of the risks to the Data.
    • In the case of remote access to Data, protocol measures ensure that Data transmissions or disclosures are accountable.
    • If necessary, possible and reasonable, Data will be passed on in anonymised form or in pseudonymised form.
    • E-mail encryption is used if it is possible, reasonable and desired by the communication partner or otherwise considered necessary and/or appropriate
  11. Control of Orders and Assignments
  12. Measures to ensure that personal data processed on behalf of the Controller can only be processed in accordance with the instructions of the Controller:

    • Obligation of employees and representatives to comply with instructions of the Controller.
    • Written specification and documentation of the instructions.
    • The contractual and legal requirements for the commissioning of subprocessors are complied with by concluding DPAs and securing and monitoring the necessary guarantees.
    • It is ensured that Data is returned or deleted after completion of the assignment.
  13. Availability and Integrity Control
  14. Measures to ensure that personal data is protected against accidental destruction or loss:

    • Fail-safe server systems and services are used, which are designed in duplicate or in multiple instances, subject to load tests and hardware tests, have DDoS protection and provide an uninterruptible power supply (e.g. RAID, HA power supplies).
    • Server systems and services are used that offer a backup system at other locations, or at least in other fire sections, on which the current Data is stored and thus provide an operational system even in the event of a disaster.
    • Server systems and services are used which have moisture detectors as well as fire and smoke detection systems and corresponding fire extinguishing devices or fire extinguishers in the EDP room.
    • Server systems and services are used that offer a reliable and controlled backup and recovery concept. Backups are made daily. The backups are encrypted.
    • The availability of the data processing systems is permanently monitored.
  15. Guarantee of the Principle of Purpose / Segregation of Data
  16. Measures to ensure that data collected for different purposes can be processed separately:

    • Measures to ensure that Data collected for different purposes can be processed separately. Where necessary, possible and reasonable, Data is physically separated (e.g. by using different servers). If there is no physical separation, the Data is separated logically (e.g. in different databases or by marking with appropriate purpose attributes or Data fields)
    • An unauthorized access to the Data is prevented by a rights management concept.
    • In the case of pseudonymised storage, the identification keys are stored separately from the Data and secured against unauthorised or unintended linkage during processing.
    • Productive and test systems are separated.
  17. Authorized persons
    • Only the administrators installed by the controller are authorized to access all systems.
    • Customers using qrd°by have non-administrative access to their customer area and the data processed for them within the scope of a user authorization. There can also be tiered authorizations for customers.
