Best practise for data security
DataMapper treats all your personal data as private, even basic things like your name and email address. The system has been designed to comply with the best practices of data security in the business.
We comply with Denmark’s Agency on Digitization’s best practices
We comply with the Danish government’s Agency on Digitization’s best practice guidelines for IT providers. To make it easy for you to learn about DataMapper security, we’ve published our answers to 11 questions they use to evaluate software in Danish and English.
Key points:
- We log all access to your files.
- We frequently back up documents and data.
- We use the latest encryption standards both when transferring and storing your documents, including backup.
- We guarantee that your data does not leave the EU.
- We monitor and keep all servers up to date with the latest OS and security patches
DataMapper data flow diagram
DataMapper can scan personal sensitive data from cloud solutions, desktop and network drives. Data can only be scanned, when the users choses the location and folders to scan and authenticates the scan using security tokes. Data is then moved to a secure tennant within a personal resource group where data is scanned and processed with AI/ML algoritms.
The scanned meta data (extracted data) is then transferred securely to a storage in the personal tennant, where it will be used by DataMapper to visualize risks, enabling the user to clean up.
Data stays safe while you use DataMapper
You stay in control
Each user chooses which locations and individual folders DataMapper can access and the user retains full control to manage data access over time.
No one else sees your results
Only 2 developers in Denmark can access user data, and their access is restricted with MFA and location access. They will only access your data if you request them to, and only with two written consents.
You control your team’s access
As the verified creator of an account, you get admin status and are the only one who can invite users to your team. You choose where the people you invite will have admin access of user access.
Admins can monitor a complete dashboard of everyone’s results, users will only see their own results.
Features to keep data secure
Your data is kept in the EU
We guarantee that your data will not leave the EU.
Frequent backups
We regularly back up documents and data.
Access is logged
We log every access to your files.
Users verified
Dedicated sign-up flow ensuring each user is verified.
Passwordless authentication
Secure tokens from Microsoft/ Google are securely transferred to our system for verification.
Encryption
All communication between your computer and our servers is encrypted using 2048-bit RSA encryption.
Certificates
Our servers are certified with X.509 certificates provided by WebTrust certified certificate authorities.
Servers
Our trusted third-party services (e.g., Azure) use state-of-the-art access control. Server facilities are physically guarded.
Security patches
We monitor and keep our servers up to date with the latest OS and security patches.
Data encrypted at rest
Azure private blob storage encrypted at rest with Azure managed AES 256 bit keys.
Data encrypted in transit
HTTPS in transit, TLS 1.2, Shared access signature.
Our ethical AI
As AI becomes more and more widely used, questions about its ethics arise. Indeed, anytime you use AI, you should ask if it is ethical and use it responsibly.
Ethical AI should adhere to well-defined ethical guidelines and protect fundamental values, including:
- Individual rights
- Privacy
- Non-discrimination
- Non-manipulation
DataMapper’s AI does not create ethical concerns, for the following reasons:
- DataMapper uses AI to quickly detect and classify the personal data you already store in your systems. It does not collect additional data from your customers in any way.
- You decide who to invite to DataMapper, and what access they will have to the information gathered. You can give a user access to only their own data storage (regular user); or give them access to data and statistics for the whole company.
- Once DataMapper’s AI finds sensitive data and shows it to you, it is up to you to decide what to do with it. DataMapper’s AI cannot be used for automated decision making and it does not alter or manipulate the data in any way.
Would you like to know more about Safe Online and how we view privacy and security?
Get our Newsletter!
In our newsletter you get tips and tricks for dealing with privacy management from our founder Sebastian Allerelli.
When you sign up for our newsletter you get a license for one user to ShareSimple, which will give you a secure email in Outlook. This special offer is for new customers only, with a limit of one freebie per company.