01 Organisationprocesses, in compliance with ISO 27001:2013
The ISO Certificate is to guarantee the highest possible security standards in a range of provided services. ISO 27001:2013
is an international standard for Information Security Management Systems in companies. FORDATA’s ISMS is accredited by BSI Group, a leading and independent certification body. According to the best practices, audits are conducted every year to ensure that all previously declared standards are being constantly improved.
Certificate of Registration - Information Security Management System ISO/IEC 27001:2013
02 Encryption of communication data with EV SSL Certificate 256-bit
All information sent between application’s server and user’s web browser are encrypted with 256-bit encryption algorithm. This ensures that the information you submit will not be used by unauthorized people.
Furthermore, EV SSL Certificate guarantees that FORDATA is the sole owner of this particular website and protects against phishing (which is the attempt to obtain sensitive information by creating website that looks as if it is from a legitimate organization).
03 Personal data protection and accordance with Legislation of Inspector General for Personal Data Protection
In contract to American providers, we guarantee that Personal Data that you get us processed, are protected according to specific regulations in EU -
General Data Protection Regulation (GDPR), as well as requirements of Polish Legislation of Inspector General for Personal Data.
In FORDATA we act according to the Personal Data Protection Act and we have appointed an Data Protection Administrator who runs a register of personal data sets processed in our company. It is of a paramount importance in the face of a new General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) that was adopted by the European Parliament on 14 April 2016 and will be in force in Poland in 2018. This legislation introduces strict punishment system for the entrepreneurs who violate it (inter aglia the Data Administrator might be subject to a financial penalty of as much as 4% of the annual rvenue).
04 File security & watermarks
Each user that logs into the Data Room is able to view, print out and save only these documents, to which he/she has been granted view/print access rights. Document protection also includes watermarks, print screen (Ctrl+Print Screen) lock, antivirus scanning of each file and upload denial of potentially dangerous files.
In order to prevent uncontrolled distribution of documents through e-version or paper version, as well as taking pictures of the screen where data is displayed, we have introduced watermarks on documents. The watermark includes the name of the user accessing the file and the exact date and time of the activity. It is possible to adapt the watermark in terms of its content and form, according to the customer preferences.
05 Access control to the system
Starting with the fact that the URL address - the link to the Data Room is shared only with authorized users, through advanced user authentication mechanisms (sms codes, password strength verification), and ending with concurrent login restriction and limited number of IP addresses from which user can access the VDR, these are examples of compound access control FORDATA policy.
06 Advanced reports on users activity
Reports are a very important source of information for the administrator. They allow you to track the progress of the transaction, control the process, but above all, to discover the true intentions of potential partners. It's all thanks to the ability to monitor who and for how long views what documents, and what are the most popular/least popular documents or thematic areas, and the ability to compare the activity of individual partners.
07 Reputable Data Centres located in Europe
Our applications are hosted in two independent, technologically most advanced data storage and processing centres in Poland. They are equipped with special air conditioning and fire protection systems, and have access to alternative electric power supplies, as well as emergency power supply. They also offer the possibility to use the infrastructure of independent alternative telecommunication operators. Server security is protected by extremely rigorous system of control over any physical access to the infrastructure.
08 Guarantee of uptime and business continuity
Business continuity management is to ensure that in the event of a system failure, restoring of all critical system functions will take place as soon as it is only possible, and at a certain level of data loss. In FORDATA we know how sensitive that process is. Implemented policies and procedures guarantee the system uptime of 99% and the Recovery Point Objective (RPO – max amount of data lost) at 15 minutes only.