Is the General Data Protection Regulation (GDPR) also important to you?

If so, Capturi is the safe choice as we take GDPR very serious. 

If you are considering whether Capturi is a safe choice for you, please use the following information to confirm we take GDPR seriously, and that we care about your GDPR compliant use of our platform. 

A great example of this is that we have switched our setup from an AWS based cloud setup to a European setup with data location within EU/EEA, and the possibility of only choosing suppliers with no third country ties

- Tue Martin Berg, CEO at Capturi

GDPR compliance



Our software solution is developed in the GDPR area, hence the principles of Privacy by design and default is an integral part of our software solution. In developing the solution, we have focused on data subjects and their rights, and we have designed the platform to support the catering of these rights as best as possible.

In addition, we are constantly trying to further develop the platform with solutions and features that help our customers to comply with their obligations, e.g. features supporting deletion policy compliance, the right to be forgotten, general data minimization features, and much more making GDPR compliant use of the platform easy.  

In order for our customers, as data controllers, to control Capturi’s processing of data on behalf of the customer in compliance with GDPR, we let ourselves be audited by an independent audit for the purpose of providing our customers with an ISAE3000 report on GDPR compliance.

Download our ISAE report here.

Data processing agreement



In all our customer relationships, Capturi processes personal data on behalf of our customers as the data controllers. Consequently, we as parties are obliged to enter into a data processing agreement. 

Capturi uses the Danish Data Protection Agency’s standard contractual clauses as the basis for our standard data processing agreement. This has the advantage that we can fulfil our joint obligation to enter into a GDPR compliant data processing agreement.

Download our data processing agreement here


One of the most important things for our customers is transparency in the sub-processors we use to provide our services, hence a complete list of these, including copies of our data processing agreements with them, can be found here.

Call recordings

Recording customer conversations and analyzing these is a great way to create value for a business in terms of both optimizing operations as well as educating employees, but also an action and purpose that requires a clear legal basis before commencing.

Luckily, our customers have a very good understanding of this. Even though this seems to be a general trend, we have compiled an overview of relevant considerations to have prior to recording both inbound and outbound calls.

Learn more
Integrationer Capturi

Our security measures

Trust and confidence in our ability to safely process our customers data is of upmost importance to Capturi given the close ties this has to any customers wanting todo business with us. We therefore take security very seriously and have a continuous focus on it. 

Some of our security measures include:

Globe – leverandører

Suppliers

Use of suppliers being sufficiently certified based on recognized standards such as ISO 27001:2013, 27017:2015, 27018:2014 and ISO 9001:2015, and use of suppliers being able to guarantee processing within EU/EEA data regions.

Medarbejderkort – baggrundstjek

Background checks

Background checks of employees.

check mark

Redundancy

Full redundancy setup with main hosting and operations provider to ensure access and continuous operation of the platform.

kryptering

Encryption

Full TLS and HTTPS encryption of data in transit and in rest.

cloud backup logo

Backup and anti-malware

Daily backup and updated anti-malware and anti-virus on all systems and devices.

reuse logo

Hardware

Hardware reuse is done by restoring factory settings only, and hardware destruction is done according to market standards for this, so data recovery is not possible.

text plus check mark logo

Logging

Logging of access and actions in the platform and systems.

memory card logo

Procedures

Procedures for access to production environment and access to customer data.

key logo

Physical security of sites

Physical security of sites with individual access keys and codes as well as monitoring of facilities.

network logo

Network

Segmented and encrypted network and connection to Security Operation Center (SOC) via hosting provider.

login logo

Use of Multi Factor Authentication Login

Use of Multi Factor Authentication login for the platform and production environment.

Magnifying glass logo

Ongoing platform check

Ongoing check of platform and systems against OWASP top 10 vulnerabilities, as well as periodic testing of systems by an ethical hacker.

For more information, download the full overview of our security measures here

Do you have questions about GDPR or data protection in relation to Capturi?

Tue Martin Berg

tmb@capturi.com +45 6131 8347 Ankersgade 12e, 1.tv
8000 Aarhus C

Book a meeting on data security