Unless you live on a desert island, you know that the European Union is taking the
processing of personal information very seriously, and that the new General Data Protection Regulations goes into effect on May 25. As of that date, all organizations must guarantee that they comply with this new law's stipulations.
At Captio, because we handle sensitive data related to your company's expense control, and we care about your privacy, we have launched several work lines through which we not only comply with the law, but also offer you an extra layer of security.
But, before talking about news, we would like to remind you of some important facts related to security and data protection:
- Captio possesses ISO 27001 international information security certification. This accreditation is issued in acknowledgement of our compliance with the criteria for proper and safe information management, and allows us to guarantee our clients that their data is processed in a totally secure manner.
- At the technological and infrastructure level, we use Microsoft Azure, which provides us with an extra layer of strength and security. Captio's applications and data are stored in Microsoft's Azure Cloud; specifically, at the Northern Europe data centre, in Dublin, Ireland.
- Finally, at Captio we adopted an information security policy some time ago that allowed us to establish an action model to develop a corporate culture and an approach to our work and decision-making ensuring that information security and respect for personal data are constants.
Captio and the RGPD: Changes and New Features
Below we summarize some of the actions we are taking to comply with the strict requirements of the new legislation:
- In addition to specifying why we collect data from those who register on our website or request information from us, we specify their rights and how they can exercise them.
- Change to our Cookies Policy: all those who visit or use our website know what cookies will be stored, and for what purpose.
- New features:
- Encryption of the entire database. Although the law only refers to personal data, at Captio we have decided to encrypt all information; to add, once again, an extra layer of security.
-Masking of bank cards: Although we were already doing so, it is important to remember that the cards of those who use our bank reconciliation service are encrypted as shown in this example: 234***********1111.
-Data destruction protocol: We also provide mechanisms that allow customers and partners to delete their personal data, such as their name and surname, or email address.