The highest possible security for your data
We take the protection of your personal data very serious and strictly maintain the regulations of the EU-GDPR and the Federal Data Protection Act. In order to ensure the highest possible security for customer and personal data, our IT processes are constantly monitored and kept updated. Every member of staff at Plasticard-ZFT is regularly trained and is obliged to maintain the data secrecy.
How is your data protected?
Your personal or company data is treated in accordance with our general data protection regulations. Data you provide to us for the purpose of the personalisation of ID media or for mailing is secured by way of comprehensive technical and organisation measures in accordance with article 32 of the EU-GDPR. The order data processing is carried out on a contractual basis which individually regulates the precise security levels and regulations. The law requires Plasticard-ZFT to offer sufficient warranty for a proper processing. Plasticard-ZFT will be happy to assist you with the installation of an individual, law-abiding process and will supply the required information on request. Sample contracts regarding order data processing can be provided before an order is placed.
Contractual Regulations
Entsprechend der gesetzlichen Anforderungen schafft Plasticard-ZFT die notwendige Sicherheit durch modernste Virenschutzmaßnahmen und Access Control sowie Sicherheitszonen im Netzwerk und im Betriebsgebäude, die Hard- und Software sowie Daten vor Fremdzugriff schützen. Neben diesem Grundschutz werden im Rahmen der Auftragsdatenverarbeitung technische und organisatorische Maßnahmen ergriffen. Die Gestaltung dieser Maßnahmen orientiert sich an den Anforderungen des BSI sowie der ISO 27001. Zusätzliche, individuelle Regelungen können Sie jederzeit gern mit uns abstimmen.
Data Protection Office
IT-Security@Work GmbH (ISW)
Robert-Bosch-Straße 18
63303 Dreieich-Sprendlingen
Tel. +49 6103 37416-00
Fax. +49 6103 37416-99
Mail: dsb-plasticard@isw-online.de
Technical and organisational measures for data protection (TOM)
Plasticard-ZFT adopted, amongst others, the following technical and organisational measures:
Organisation control
Definition of competences and the
responsibility for the maintenance of regulations and measures.
Access control
Unauthorised persons have no access to the computers that are used to process data
Access control
Prevents that unauthorised people use the computing systems
Access control
Ensure that only those who are authorised
to access the data are able to do so and that it cannot be read, copied, modified or deleted without authorisation.
Transfer control
Ensures that data is not read, copied, modified
or deleted without authorisation during transmission/ transport/
saving.
Entry control
Ensures that subsequent checks
and determinations may be used to see whether and by whom data has been entered into, changed, or removed from data
processing systems.
Order control
Ensures that data is only collected, processed or used in accordance with the instructions of the client.
Verfügbarkeitskontrolle
Gewährleisten, dass Daten gegen zufällige Zerstörung oder Verlust geschützt sind.
Separation control
Ensures that data acquired for different purposes are processed separately.
Production control
Ensures that production in executed within
the framework of the applicable work instructions and testing instructions of the management handbook (MH).
Encryption
Ensures that electronically saved data cannot be
read by unauthorised third parties.
picture credits
© jirsak – stock.adobe.com