Data Security Statement

We provide you with this Security Statement with the aim of being transparent about our data security infrastructure and practice. Wunderdata uses some of the most advanced technology for internet security that is available today.

• Your information is protected via Secure Socked Layer (SSL) technology using both server authentication and data encryption.
• Wunderdata does not share, sell, rent, or trade data with third parties. You are data owner.
• Only authenticated users from your organization will be able to access the data after entering a secure password.
• Our servers are located in Germany and meet stringent German and European privacy laws.

Technical and organizational measures for data security:

This TOMs are in compliance with German §9 Federal Data Protection Law (Bundesdatenschutzgesetz).

1. Physical access control
• Electronic access control system
• Documented key and smart card management to employees
• Video control at entrances and exits
• Security locks
• Chip card reader
• Alarm systems
• Access protection

2. Admission control
• Access to computers / systems only with passwords with high safety standards (minimum length , regular change , etc.)

3. User access control
• Role-based authorization concept (ACL )
• Logging of accesses
• Password policies for employees and customers
• Secure storage of media
• Encryption of data medium
• Number of administrators limited to the minimum

4. Transmission control
• All employees are obliged to maintain data secrecy according to § 5 Federal Data Protection Law (Bundesdatenschutzgesetz)
• Deletion of personal data after completion of the job in compliance with the data privacy law
• Data transfer through SSL and SSH protocols
• Firewalls according to the prior art
• Email encryption

5. Input control
• Important data can only be entered by the customer
• Every change in data is logged

6. Order supervision
• All employees will be trained at regular intervals in data protection law
• The terms and conditions include detailed information on the nature and extent of the processing and use of personal data
• Contracts are based in compliance with the requirements of § 11 Federal Data Protection Act (Bundesdatenschutzgesetz)
• Right of control by the contracting customer

7. Availability control
• Uninterruptible power supply
• RAID (disk mirroring)

8. Principle of separation
• Separation of production and test systems
• Separate folder structures for each customer
• Separate databases
• Separate database rights
• Logical client separation (ACL, ETL, etc.)

For more information please mail us at secure@wunderdata.com