GDPR & Security

Here you will find everything about GDPR and the protection of your data.

The security of your data is our highest priority. Go to our website to find out what security measures we take in the areas of hosting, data transfer and data storage as well as authentication and authorisation.

Allthings uses a variety of technical and organizational measures to ensure the security of your data. We would be happy to send them to you personally. Please contact sales@allthings.me for further information.

Our Commitment to the Protection of Your Data

Compliance with the statutory provisions on data protection is essential for Allthings and we therefore ensure that our services are implemented in compliance with data protection regulations. At the European level, our services have been tested for conformity with the German Data Protection Ordinance (DSGVO / GDPR), which will come into force in May 2018. In Germany, they have also been tested for conformity with the Telemedia Act (TMG) and the Federal Data Protection Act (BDSG), and in Switzerland they have been tested for conformity with the Federal Data Protection Act (DSG) and the Ordinance to the Federal Data Protection Act (VDSG).

In addition to reinforcing and standardising the protection of user data in all EU countries, the GDPR also introduced new or additional obligations for all organisations dealing with personal data of EU citizens, regardless of where they are based.

Compliance with GDPR

Updated GDPR requirements bring significant changes with them, and our team has adapted the Allthings product, operations and contractual obligations to support customers in meeting compliance requirements. The measures we have taken include:

  • Investments in our security infrastructure and certifications
  • Updating of relevant contractual conditions
  • Support for international data transfer by meeting standard contract clauses through our Data Processing Agreements
  • Our reliable support team (support@allthings.me) to respond to requests from users and delete their personal information such as names and email addresses from an account if requested

In addition, we always keep up to date with the latest publications from data protection supervisory authorities on DSGVO compliance and update our product functions and contractual obligations accordingly. We will also provide you with regular updates to keep you up to date.

Our Security Infrastructure and Certifications

The protection of our customers' data and the privacy of their users is of utmost importance to us. Because we are a cloud-based company entrusted with some of our customers' most valuable data, we set high standards for our security. The Hosting Data Center meets the requirements of a comprehensive list of global security standards, including ISO 27001, PCI DSS Level 1, IT Basic Protection and the EU Data Protection Directive. See also AWS Cloud Compliance for more information.

If you would like to learn more about Allthings' security guidelines and measures, please refer to our Privacy Policy or learn more about our Security Standards on our website.

International Data Transfer: Privacy Shield and Terms of Contract

In order to comply with EU data protection laws relating to mechanisms for international data transmission, we have introduced strict regulations. Customer data is subject to Swiss data protection regulations and EU data protection and is always stored using AES-256 encryption. In addition, customer data is stored in Ireland and therefore never leaves the EU. For all subcontracting relationships, we pay particular attention to the DSGVO conformity of our contractors abroad and secure this with the aid of order data processing.

**Please note that the general legal information we provide neither constitutes nor takes the place of any kind of legal advice or training. Like most legal regulations, the standards applicable to you and their concrete interpretation may differ. Our information is based on our understanding of the legal regulations mentioned at the time this document was prepared. We assume no liability or warranty for the accuracy, completeness or timeliness of the information provided.**

The customer contract and the data processing agreement define the customer as the responsible body. This means that the Customer may give instructions to Allthings and all other parties that are granted access to the Customer's platform.

The handling of tenant data by these third parties takes place within the framework of the performance of their services. In terms of data protection, these third parties act either on their own responsibility or on the instructions of the Customer. Allthings does not assume any responsibility.

It is therefore not necessary that a direct contractual relationship is established between Allthings and the contractual partner of an Allthings Customer (e.g. a management service provider) in order for data exchange to take place.

Business partners of Allthings customers who offer their services on the platform have regular access to personal data. It is therefore crucial to verify whether it is necessary to sign a Data Processing Agreement between the business partner and the customer (Art. 28 of the DSGVO).

In this case, business partners are legally responsible for ensuring that they comply with data protection regulations and the Customer's instructions regarding the handling of personal data (Art. 28 para. 3 DSGVO).
