Your data is the most important thing for us, and we go a lengthy way to protect your need for personal privacy.
1. Working close to partners
First of all, we thoroughly make sure that our business partners providing the source material respect the GDPR. No matter if it is at the level of the collection of your data or at the level of the information they give you about the processing of your data. In particular, we ask them to be as transparent to their customers as possible regarding the transmission of data to Bisnode, and to refer to these web pages for more information on our activities. Also, to make sure data is handled correctly, we regularly controls and documents our vendors and third parties.
2. Limiting the processing to a minimum
To protect the personal integrity, we are limiting the processing only to what is necessary for the purpose. On top of that, we are not releasing information if we suspect that it could be used in conflict with our stated purposes and violate the individual's privacy. We have an active blocking feature so that every registered individual or company owns the right to refuse direct marketing.
For the processing itself, we maintain advanced and modern technical security.
3. Regular internal and external controls
The security of your data is of paramount importance to us, and we do regular internal and external checks to ensure that the tools and procedures put in place work properly. We also have an incident/security organization in-house with coordinated processes, both on a central and local level. All employees and consultants that will have access to data, need to go through an on- and offboarding processes, to secure that the right person only have access to the data he or she needs. To follow up, we keep logs of who does what regarding the access of data.
4. Network of Data Protection Officers
As Bisnode is a European company, we have a network of Data protection officers (DPO’s), both on a central and local level, securing closeness both to the individual and to the DPO’s. But we are not stopping there. We also have regular group wide trainings around GDPR for all employees.
5. Ready for you to exercise your rights
We have procedures in place to allow you to exercise your rights easily. That is, we have a quick and efficient customer service to update, correct, block and delete personal data that is false or incomplete.
6. Limiting risks
In compliance with the GDPR, we carried out a data protection impact assessment (DPIA). This document analyzes all the possible risks of harm to your data and all the measures to be taken to avoid or limit this risk to a maximum. The recommended measures have been implemented in our IT system and in our procedures.