Trust centre
Our Trust Centre is designed to provide you with information about information security practices, data protection measures, and code of conduct.
Information security and privacy
At Trapets, we understand that security and the protection of customer data are crucial to our solutions and adhere to high information security management standards.
The character of our business imposes a robust framework for managing our customers' data security. We have been an ISO 27001-certified company since 2018.
We have a privacy management system that is led by the Chief Executive Officer (CEO) and supported by the Data Protection Officer (DPO) and the Chief Information Security Officer (CISO). We also work proactively to prevent any unauthorised or unlawful access, use, disclosure, modification, or destruction of data, including:
Storing and processing data in multiple locations within Europe to ensure availability and resilience.
Encrypting data in transit and at rest using advanced encryption standards and protocols.
Backing up data regularly and storing it in geographically redundant locations with encryption and access control.
Providing security risk training to our developers and security awareness training to all our staff annually.
Conducting internal and external security audits.
Only allowing access to our systems and applications from trusted IP addresses or domains.
The purpose of this policy is to protect Trapets against threats related to information security.
Information security refers to both IT security and information security in Trapets’ organization, premises and IT environment. Information security is an integral part of the business and the Information security policy should provide a company-wide view of information security issues.
Trapets ensures this by:
We prioritise the security and integrity of data, which is why we have an information security management system and a comprehensive information security policy framework. We have been certified according to ISO27001 since 2018.
The information security and privacy management system is governed by the Chief Executive Officer (CEO) and supported by the Data Protection Officer (DPO) and Chief Information Security Officer (CISO).
Our information security policy framework includes information classification, business continuity and disaster recovery, back-ups, access management, risk- and incident management, encryption and secure development.
We understand and respect the importance of data privacy and comply with the General Data Protection Regulation (GDPR). We only process personal data for legitimate purposes and with appropriate safeguards. In addition to the GDPR, some of the personal data we process for our customers are also covered by legislation on bank secrecy or similar legislation. We are committed to governing privacy accordingly.
Trapets processing of personal data within our service delivery, as processor for our customers (the controllers) is governed by the Data Protection Policy and Data Processing Agreements between Trapets and our customers. Other processing of personal data by Trapets is described in the Trapets Privacy Policy.
To prevent any unauthorised or unlawful access, use, disclosure, modification, or destruction of data, we implement various technical and organisational measures, such as: