Technical and organisational measures (TOMs)
All technical organizational measures (TOMs) taken by us for secure operation of our service can be found here.
- Data Protection Management, Rights of Data Subjects, Privacy by Design and Data Protection regarding Employees
Fundamental measures that are aimed at safeguarding the rights of data subjects, immediate reaction in emergencies, the requirements of privacy by design and data protection with regard to employees:
Physical Access Control
There is an in-house data protection management system, compliance with which is constantly monitored and evaluated on a case-by-case basis and at least every six months.
There is a security concept that guarantees the protection of the rights of the data subjects
(information, correction, deletion or restriction of processing, Data transfer, revocation & objections)
within the legal time limits. It includes forms,
instructions and implementation procedures set up, as well as the appointment of the persons in charge of implementation.
A security concept exists that guarantees an immediate reaction to data breaches
(evaluation, documentation, reporting) in accordance with legal requirements.
It includes forms, instructions and implementation procedures set up,
as well as the designation of the persons in charge ofimplementation.
The protection of personal data is already incorporated
in the development or selection of hardware, software and processes,
taking into account the state of the art, the cost of implementation and the nature,
scope, context and purpose of processing as well as the risks of varying likelihood and severity
for rights and freedoms of natural persons posed by the processing, in accordance
with the principle of data protection by design and by default (Art. 25 GDPR).
The software used is always kept up to date, as are virus scanners and firewalls.
The cleaning personnel, security guards and other service providers involved in the performance of
ancillary business tasks are carefully selected and it is ensured that they comply with the protection
of personal data.
Measures to prevent unauthorised persons from accessing data processing facilities with which personal data is processed:
Control of Access to Processing Systems
A "paperless office" is maintained and documents are only stored digitally and only in exceptional cases in paper form.
With the exception of workstations and mobile devices, no data processing systems are maintained
in the company's own business premises. The Controller"s Data is stored at external hosting
providers in compliance with the specifications for processing on behalf of other Controllers.
Server location: Electronic access control system (personal transponder, division into zones, onboarding process,
electric door opener at the entrance door and self-closing outside doors, in the
data centre additionally separation lock and alarm for non-closed doors)
Server location: Specific access regulations for groups of persons (registration of visitors at
reception, support of visitors by internal employees, additional access in the computer centre after
prior personal registration as well as locked server rooms with access authorisation for authorised personnel only)
Server location: Surveillance and alarm system (use of an alarm system and connection of security
guards, in the event of an alarm monitoring is carried out by on-site security guards,
in the datacentre additionally video surveillance of the corridors by its operator)
Measures to prevent the use of data processing systems by unauthorised persons:
Control of Access to Data and Input of Data
There is a rights management concept with which the access authorizations of employees,
representatives and other persons (e.g. users within the system) are defined and only reach as far
as they are required for the specified purpose.
All data processing systems are password protected.
There is a password policy that stipulates that passwords must have a minimum length and
complexity that corresponds to the state of the art and security requirements.
Registrations in the processing systems are logged.
Anti-virus software is implemented.
Hardware firewalls are implemented.
Software firewalls are implemented.
The website and/or access to online software services are protected by an up-to-date TLS/SSL encryption.
The internal systems are protected against unauthorized access by firewall, user name andpassword and/or client certificates.
There is a limitation of failed login attempts to internal systems (e.g. blocking logins or IPaddresses)
Server systems and services with intrusion detection systems are used
If technically supported, two-factor authentication is used.
Server location: Access to internal systems is restricted by firewall or VPN systems
Server Location: Encryption techniques are used to secure user authentication and administration
processes over the Internet.
Server location: Remote data access to production devices requires a connection to the companynetwork, which is secured by VPN systems.
Server location: A formal process exists to allow or deny access to resources. Various accessprotection mechanisms help to provide secure and flexible access.
Server location: Access rights are assigned or changed on the basis of a rights managementconcept.
Measures to ensure that those entitled to use a Data processing system can only access the Data covered
by their access authorisation and that personal data cannot be entered, inserted, read, copied, modified or
removed without authorisation during processing,
use and after storage; and measures to enable the
processing operations to be subsequently reconstructed:
Data transfer control
There is a rights management concept with which the access authorizations of employees,
representatives and other persons (e.g. users within the system) are defined and only extend as far
as they are required for the specified use.
Logging of every single step of Data processing, especially access to applications, especially during
Data entry, modification and deletion.
Logging of every single step, especially access to applications, especially when inputting, changing
and deleting Data.
Data carriers are stored securely.
There is a deleting and disposal concept in accordance with DIN 66399 (or an adequate deletion
and destruction level) with defined responsibilities and reporting obligations. Employees were
informed about legal requirements,
deletion periods and specifications for Data deletion or
equipment disposal by Data destruction service providers.
The processing of Data that is not deleted (e.g. as a result of statutory archiving obligations) is
restricted by restriction notes and segregation.
Server location: Access through personalized accounts based on a rights management concept.
Server location: accesses are logged.
Server location: System and application log files are stored and administrative activities recorded for
input control (logging).
Measures to ensure that personal data cannot be read, copied, altered or removed without authorisation
during electronic transmission or during transport or storage on data carriers and that it is possible to check
and establish to which points personal data is to be transmitted by data transmission devices
Control of Orders and Assignments
The persons authorised to hand over data carriers and the persons authorised to receive them shall
In the case of physical transport, secure transport containers or packaging are chosen, or the
security of the Data is guaranteed by personal supervision, provided that this is sufficient in view of
the risks to the Data.
In the case of remote access to Data, protocol measures ensure that Data transmissions or
disclosures are accountable.
If necessary, possible and reasonable, Data will be passed on in anonymised form or in
E-mail encryption is used if it is possible, reasonable and desired by the communication partner or
otherwise considered necessary and/or appropriate
Measures to ensure that personal data processed on behalf of the Controller can only be processed in
accordance with the instructions of the Controller:
Availability and Integrity Control
Obligation of employees and representatives to comply with instructions of the Controller.
Written specification and documentation of the instructions.
The contractual and legal requirements for the commissioning of subprocessors are complied withby concluding DPAs and securing and monitoring the necessary guarantees.
It is ensured that Data is returned or deleted after completion of the assignment.
Measures to ensure that personal data is protected against accidental destruction or loss:
Guarantee of the Principle of Purpose / Segregation of Data
Fail-safe server systems and services are used, which are designed in duplicate or in multiple
instances, subject to load tests and hardware tests, have DDoS protection and provide an
uninterruptible power supply (e.g. RAID, HA power supplies).
Server systems and services are used that offer a backup system at other locations, or at least in
other fire sections, on which the current Data is stored and thus provide an operational system even
in the event of a disaster.
Server systems and services are used which have moisture detectors as well as fire and smoke
detection systems and corresponding fire extinguishing devices or fire extinguishers in the EDP room.
Server systems and services are used that offer a reliable and controlled backup and recoveryconcept. Backups are made daily. The backups are encrypted.
The availability of the data processing systems is permanently monitored.
Measures to ensure that data collected for different purposes can be processed separately:
Measures to ensure that Data collected for different purposes can be processed separately.
Where necessary, possible and reasonable, Data is physically separated (e.g. by using different
servers). If there is no physical separation, the Data is separated logically (e.g. in different
databases or by marking with appropriate purpose attributes or Data fields)
An unauthorized access to the Data is prevented by a rights management concept.
In the case of pseudonymised storage, the identification keys are stored separately from the Data
and secured against unauthorised or unintended linkage during processing.
Productive and test systems are separated.
Only the administrators installed by the the controller are authorized to access all systems.
Customers using qrd°by have non-administrative access to their customer area and the data
processed for them within the scope of a user authorization. There can also be tiered authorizations
for customers. Data Processing Agreement
You might be interested in