GDPR compliance
More than GDPR compliance ...
The boom in process digitalization, big data and the IoT has spurred an exponential increase in data production. The volume of data worldwide has risen to 15 zettabytes and personal data represents a growing share of that total.
The European Union established the General Data Protection Regulation (GDPR) to protect and safeguard its citizens' personal data. Organizations are now responsible for ensuring that data is used in a reasonable, transparent way, that it is securely stored and that users have easy access to their data along with the ability to review, modify or delete personal information.
Our mission has always been to provide for easy, secure supervision of industrial processes and the flow of resources and assets.
Our products and solutions have complied with current GDPR requirements for more than 20 years, with complete transparency.
Welcome to high security
We were a recognized leader in data protection long before the introduction of the GDPR:
- We secure organizations' operations and supply chains.
- Our products and solutions are certified and audited by independent organizations.
- Our data hosting options offer the highest level of security with all the necessary certifications.

* Certified reader: LXSW33EPH57AD1 – ANSSI-CSPN-2013/03 certificate dated March 19, 2013.
Our goal is to help you bring your entire solution into compliance
STid is a key link in the ecosystem of your access control solution.
Since the reader is the only visible part of an access control system, it must withstand physical and logical attacks that would compromise secure access to your organization and the confidentiality of your information.
To ensure a secure link to the system, STid has developed the first protocol certified by ANSSI.
With the SSCP protocol, your organization guarantees the end-to-end confidentiality and integrity of information.
Certifications by independent bodies
We're the first manufacturer to receive ANSSI's top-level security certification (CSPN), and we offer solutions that comply with ANSSI's leading architecture. We are audited regularly by independent certification bodies, such as Phonesec, which verify the security and protection level of our solutions.
Our data and those of our customers are hosted on two hosting services that set the standard when it comes to security. We require that they meet the most stringent standards on the market:
- HADs and PCI-DSS certifications, SOC 1 TYPE II / SOC 2 TYPE II attestations and ISO 27001/27002/27005 standards - Security of hosting, access and processing of data and information
- Anti-DDoS protection - Data access security and durability
- STAR self-assessment - Cloud Security Alliance - Cloud computing environment security
- VMware certification and OpenStack Powered - Cloud architecture security certifications from virtualization and cloud computing market leaders
- APSAD certification - Data hosting areas and facilities protection
Three data storage methods, one level of compliance
When our customers' solutions require data storage, they can choose to have their information hosted in one of three ways:
- on their own servers *,
- offline under our supervision,
- online on the secure servers operated by our partner hosting services.
With these three options, our integrator customers can meet the security policies of even the most demanding organizations while ensuring the very highest level of data protection.
* If the data is hosted on our customers' local servers or by their own hosting companies, we guarantee the integrity of our security exclusively across the communications chain for which we are responsible.
Helpful info
Why is it important for companies to comply with the GDPR?
Companies are collecting and processing personal data on an increasingly massive scale. Numerous cases of harmful disclosure have made headlines worldwide, with serious adverse consequences for those involved. It is important for all of us to be able to manage our data security and be assured that our data is protected. The European Union adopted the GDPR for just that purpose. Companies that fail to comply with its provisions can pay a heavy price, including fines of up to 4% of their annual global revenue.