Customer data handling and privacy

Owned by Johan Wendelstam
Last updated: Mar 30, 2022 by Nael Kabbany
2 min read

Purpose

The purpose of this policy is to protect Dstny Analytics data and customer information

Scope

Customer data that is used by systems hosted by Dstny Analytics cloud solution where their data is uploaded to Dstny Analytics controlled servers

Policy

  • Data from a customer will under no circumstances be shared, sold or used by/to other companies than Dstny Analytics without the customers written approval.
  • Data is stored in a secure way that makes it inaccessible for unauthorized personnel within Dstny Analytics as well as for partners to Dstny Analytics.
  • Data is always owned by the customer even though it is stored on Dstny Analytics controlled servers. Dstny Analytics will always accept customers' requests regarding their stored data.
  • A customer can always demand Dstny Analytics to provide access to the data for a customer in the same format as when uploaded. (ex Csv, Xml).
  • Dstny Analytics will delete historic data both from the main backend and from backup locations if a customer requests it.
  • Dstny Analytics will treat the information as sensitive business information and handle it as such.
  • Transfer of data between servers (through WAN connections) will always be done with transport layer security (TLS) techniques approved by customers specific requirements if any.
  • Any user information e.g. emails, names will never be displayed on any public web pages (for non-authenticated users within a system).
  • Any credentials (passwords) will be stored as a one way encrypted (hashed and salted) representation and can never be reverted to a plain text representation by user or administrators (Dstny Analytics included)
  • Dstny Analytics will always manage data in a safe and ethical manner in every possible aspect.
  • We do not collect sensitive information which includes data relating to: race or ethnic origin; political opinions; religious or other similar beliefs; physical or mental health; sexual orientation or criminal record.
  • You have the right to request access to the personal information we have about you and request that your personal details are deleted from our systems at any time.

  • If you have more questions about our security policy you can turn to dataprotectionofficer@meridix.se

Revision History

Rev

Revision Date

Description/Changes

Responsible

Draft 1

2018-05-23

Initial Draft

dataprotectionofficer@meridix.se

Draft 2

2020-11-10

Revised Draft

Operation Team





Planned Review

Next planned review of the policy will be conducted approximately 12 months from the latest revision.

Webpage: www.meridix.se
Email: support@meridix.se
Tel: +46 (0) 21 38 30 32