Data Security

The security of your customer’s data is of great importance to us. This document gives an overview of the technical and organizational measures we have put in place to keep this data safe.

General data security

All our employees are trained on security practices regularly. We use various industry-standard technologies and services to secure your data from unauthorized access, disclosure, use and loss. Security is directed by Spotler Connect’s Head of Engineering and maintained by Spotler Connect’s Security & Operations team.

Data storage

Our databases and application are hosted in AWS data centres in Frankfurt, Germany. These data centres meet strict safety requirements and hold certifications such as ISO 27001, ISO 27017 and ISO 27018, and are also GDPR-compliant.

Encryption

We encrypt data whenever possible, both while it is transported, using industry-standard TLS, and while it is stored. The disks in datacenters are all encrypted at rest via Customer Managed. We use modern TLS implementations and strong cipher choices such as SHA512.

Payment information

Spotler Connect’s Payment method and SEPA direct debit are handled by Mollie, which has been audited by an independent PCI Qualified Security Assessor and is certified as a PCI Level 1 service provider, the most stringent level of certification available in the payments industry. In most situations, Spotler Connect does not receive credit card data, making it compliant with Payment Card Industry Data Security Standards (PCI DSS).

Data replication

To ensure the safety and consistency of your data, we regularly back up your data. Our application is cloud-based and can be maintained from any infrastructure.

Data consistency

We take great care not to lose your order data or any products. This is why we are strict about data consistency. We use stable and mature relational database technology and a strongly typed data model to enforce this.

Anonymization

By default, Spotler Connect automatically anonymizes any of your customer’s data that has been stale for 365 days. Spotler Connect will only retain certain information that is fundamental to ensure that processes can be performed optimally now and in the future.

Auditability

Actions within our tool are logged and tracked by application monitoring platforms as described in our list of subprocessors. We also keep detailed statistics about the performance of our infrastructure. Found a problem? Please get in touch with us as soon as possible at support@spotler.nl.
