Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Purpose

The purpose of this policy is to protect

...

Dstny Analytics data and customer information

Scope

Customer data that is used by systems hosted by Meridix Dstny Analytics cloud solution where their data is uploaded to Meridix Dstny Analytics controlled servers

Policy

  • Data from a customer will under no circumstances be shared, sold or used by/to other companies than Meridix Dstny Analytics without the customers written approval.
  • Data is stored in a secure way that makes it inaccessible for unauthorized personnel within Meridix within Dstny Analytics as well as for partners to MeridixDstny Analytics.
  • Data is always owned by the customer even though it is stored on Meridix on Dstny Analytics controlled servers. Meridix Dstny Analytics will always accept a customers' requests regarding their stored data.
  • A customer can always demand Meridix Dstny Analytics to provide access to the data for a customer in the same format as when uploaded. (ex Csv, Xml).
  • Meridix Dstny Analytics will delete historic data both from the main backend and from backup locations if a customer requests it.
  • Meridix will Dstny Analytics will treat the information as sensitive business information and handle it as such.
  • Transfer of data between servers (through WAN connections) will always be done with transport layer security (TLS) techniques approved by customers specific requirements if any.
  • Any user information e.g. emails, names will never be displays displayed on any public web pages (for non-authenticated users within a system).
  • Any credentials (passwords) will be stored as a one way encrypted (hashed and salted) representation and can never be reverted to a plain text representation by user or administrators (Meridix Dstny Analytics included)
  • Meridix Dstny Analytics will always manage data in a safe and ethical manner in every possible aspect.
  • We do not collect sensitive information which includes data relating to: race or ethnic origin; political opinions; religious or other similar beliefs; physical or mental health; sexual orientation or criminal record.
  • You have the right to request access to the personal information we have about you and request that your personal details are deleted from our systems at any time.
  • If you have more questions about our security policy you can turn to dataprotectionofficer@meridix.se

...


Rev

Revision Date

Description/Changes

Responsible

Draft 1

2018-05-23

Initial Draft

dataprotectionofficer@meridix.se

Draft 2

2020-0911-0210

Revised Draft

Meridix Operation Team






Planned Review

...