Privacy policy
Privacy Policy Overview
This document outlines how Nethart collects and uses personal information.
1. Data Collection Purpose
Nethart collects personal data solely for essential service provision and adheres to privacy rights and regulations, including the General Data Protection Regulation (EU 2016/679). Data processing includes collection, recording, storage, and transfer, sometimes using resources outside the EU/EEA.
2. Types of Personal Data
We handle personal data related to employees, customers, vendors, and website visitors, focusing on contact and professional information and activities performed with these individuals.
3. Data Processing Principles
- We ensure data quality and provide access to data subjects upon request.
- We notify public authorities as required by law.
- Data processing for clients is contractually based, with secure transfer mechanisms for data sent outside the EU/EEA.
- We implement security measures to protect data and comply with legal standards.
4. Audit Program
Regular audits ensure compliance with data protection and privacy standards.
5. Policy Changes
Nethart may update this privacy policy as necessary.
6. Complaints
Direct any complaints to [email protected].
Information Security and Data Privacy Governance
7. Risk Management
Nethart manages risks in IT security, business operations, and legal compliance.
8. Security Policies
We follow policies aligned with ISO 27001 and OWASP S-SDLC, covering data classification, protection, network, encryption, and more.
9. Organizational Security Approach
As a small, agile team, we collectively ensure the security and privacy of data. Our approach involves:
- Regular training and awareness sessions for all team members to stay updated on best security and privacy practices.
- Collaborative decision-making involving all team members when it comes to implementing and updating our security measures and privacy policies.
- Designating a responsible individual or a small group (as appropriate) for overseeing and managing specific aspects of data security and privacy.
- Ensuring all team members understand their role in maintaining data security and privacy, and are equipped to handle related tasks and inquiries.
10. Asset Management
We classify data based on sensitivity and ensure compliance.
11. Human Resources Security
We maintain high security and privacy awareness among employees and subcontractors.
12. Physical and Environmental Security
Our data centers are highly secure, with access control and monitoring systems.
13. Operations Management
We use tools for anti-malware, intrusion prevention, and other security aspects in our infrastructure.
14. Access Control
Central control of access and authentication is maintained for security.
15. System Development and Maintenance
Decisions on system changes are made considering security, risk, and compliance.
16. Incident Management
SOC handles compliance monitoring and incident response.
17. Business Continuity
We have robust solutions for business continuity in emergencies.
12. Compliance
Regular legal audits and external specialist consultations ensure compliance.
Cookie Policy
We use cookies to enhance user experience and gather usage statistics. You can manage cookie settings in your web browser.