Free book: "The Next CMO: A Guide to Operational Marketing Excellence (2nd Edition)"
Get it Now

Technical and Organizational Measures

Last Updated October 2020

 

  1. General Data Protection regulation (GDPR)
  2. Data Processing Agreement
  3. EU Standard Contractual Clauses
  4. Technical and Organizational Measures
  5. Data Processing Details
  6. Sub-Processor List

Security Organization, Risk Analysis and Risk Management

Plannuh’s security organization is headed by the Chief Technology Officer. It works to provide robust information security controls for Plannuh products and environments. Plannuh will perform annual assessments of the compliance of Plannuh security controls with industry standard controls.

Workforce Clearing, Training and Sanctions

All Plannuh personnel are subject to background checks before access to restricted data is permitted. All personnel receive regular security training. Plannuh has adopted policies and procedures to apply workforce sanctions to employees who fail to comply with Plannuh security policies and procedures.

Physical Controls

Cloud Data Center – Amazon Web Services runs in data centers managed and operated by Amazon. These geographically dispersed data centers comply with key industry standards, such as ISO/IEC 27001:2013 and NIST SP 800-53, for security and reliability. The data centers are managed, monitored, and administered by AWS operations staff. The operations staff has years of experience in delivering the world’s largest online services with 24 x 7 continuity. For additional information, please refer to: https://aws.amazon.com/compliance/data-center/controls/

Access

Personal Data collected from Data Subjects by Plannuh is protected by encryption, and/or multi-factor authentication. Plannuh will only allow employees and contingent workers with a business purpose to have access to such data if it is required for them to complete their professional duties.

Business Continuity, Disaster Recovery

Plannuh has implemented and documented appropriate business continuity and disaster recovery plans to enable it to continue or resume providing Services in a timely manner after a disruptive event. Plannuh regularly tests and monitors the effectiveness of its business continuity and disaster recovery plans.

Network Security

All data is protected by encryption in transit over open, public networks. Data at rest is protected by encryption or compensating security controls, which include segmented networks, tiered architecture, firewalls with intrusion protection and anti-malware protections, and limiting of port access.

Portable Devices

Plannuh will not store Personal Data on any portable computer devices unless it is encrypted in accordance with then current industry best practice.

Monitoring

Plannuh takes appropriate steps to monitor the security of Personal Data.

Subscribe to The Next CMO newsletter to get marketing best practices and tips.