About our security
We’ve prepared this public security statement as a companion to our website privacy policy to outline our security and data protection principles, standards, and practices. Here we describe our general practices and policies at Safe Online. For specifics about each product, please see the product’s security policy.
Our privacy-first principles
At Safe Online we’ve worked hard to develop a privacy-first culture based on the following principles:
- Transparency and good faith. We keep our policies updated and are happy to give you more information and access to your data whenever you request it. We provide a dedicated request portal in our website footer for this purpose.
- Data minimization and purpose limitation. We only collect the data we need to give you access to our software, and we won’t use your data for any other undisclosed purpose.
- Minimum privilege and access control. Our products were designed to help you manage your own company’s personal data. We operate on the principle of privacy-by-default and collect only the minimum amount of data necessary to provide our users access to each of our products and our website. Then, the data is only used for the purpose collected. Our own access to it is limited as strictly as possible. For example, only 2 developers can access DataMapper data, and only with two written consents from your company.
- Security awareness and confidentiality. We train our team to be aware of security risks and to understand the importance of protecting personal data. This awareness starts with our developers, who base all our products on the principles of privacy by design and by default; and it extends to our customer service team as they treat even basic things like your name and email as private.
Our data protection
Here are some examples of the technical measures we use to keep your data safe:
- We log access to your files.
- We frequently back up documents and data.
- We use the latest encryption standards both when transferring and storing your documents, including backup.
- We guarantee that your data does not leave the EU.
- We monitor and keep all servers up to date with the latest OS and security patches.
We comply with Denmark’s Agency on Digitalization’s best practices
We comply with the Danish government’s Agency on Digitization’s best practice guidelines for IT providers. We’ve published our answers to their 11 questions everybody should ask. Read our answers in Danish or English.
D-seal
As part of our ongoing data ethics considerations, we have completed the document “D-seal’s Questionnaire For Data Ethics Considerations” in relation to Denmark’s labelling program for IT security and responsible use of data, D-seal. You can download the document here.
Do you have more questions about our security?
Please read our privacy policy for more information on exactly what data we collect and why, how long we keep it, and more. If you still have questions about our privacy and security, feel free to get in touch with us using the information below.
VAT: 38589962
Nørrebrogade 47
2200 København N
Denmark
Phone: (+45) 31 66 34 00
