Security and data protection
Why is this topic so important for us?
…because we make the greatest possible efforts to protect our customers from data misuse. This is becoming increasingly important, especially in the context of digitization.
Data security is not the same as data protection
Data security
The ultimate goal of data security is to comprehensively protect data of any kind (both analog and digital) from threats – from loss to corruption to deletion of that data. This pursues the three fundamental protection goals of confidentiality, integrity and availability.
Data protection
Data protection aims to protect personal data, i.e. all information relating to an identified or identifiable person, from unauthorized third-party access, loss or alteration.
Secure in our cloud
We provide access to various services based on our cloud infrastructure. We host these at an ISO 27001 certified data center provider. This ensures the permanent and smooth technical operation of the platform. We ensure compliance with numerous international standards and thus the security of all stored customer data. The European General Data Protection Regulation as well as the Federal Data Protection Act in its new version have regulated the processing of personal data since 2018. A distinction must be made between two use cases:
We as a processor
Personal data of third parties that is processed either in the WARIOS cloud infrastructure or during the execution of the integration process for on premise licenses is the sole responsibility of the customer. WTE Betriebsgesellschaft mbH (WTEB) acts here only on behalf of and on the instructions of the customer. WTEB therefore assumes the role of processor pursuant to Article 4 No. 8 DSGVO. We and our cloud customers must ensure that an order processing agreement (AVV) is in place in accordance with Art. 28 para. 3 DSGVO is concluded. In this agreement, both parties undertake to fulfill and implement the obligations set out therein accordingly. We will be happy to provide a sample contract of an AVV.
We as a processor of personal data of our customers
WTEB processes personal data of our customers contact persons within the framework of the contractual relationship. In doing so, we observe the requirements of the GDPR, such as the principle of storage limitation according to Art. 5 para. 1 DSGVO and the provisions of the German Commercial Code regarding retention obligations.