Confidentiality
As per Art. 32 (1) lit. b GDPR
Building access
- Offices: Campus and building secured via PIN entry, office secured via an electronic door system with access logs.
- Data centers: All data is stored in secure data centers (see Subprocessors list). All data is stored in European data centers (where applicable and available: Google, ChargeBee, HubSpot).
System access
- Authentication using username and password
- Multi-Factor Authentication (MFA)
- Firewall
- Use of a team password management software
- Automatic workstation locking after a period of inactivity
- Encrypted notebook hard disks
Data access
- Central staff user account management (Google Workspace)
- Role-based access control with need-to-know access to the storage systems which contain customer information (CRM, Billing, Payments, Contracts).
- Use of Infrastructure-as-Code (Terraform) and version control for configuration management of information processing systems; use of ephemeral service accounts.
Data separation
- Separation of test and production systems where customer data is being stored
- Storage of payment information in separate, PCI-certified systems (Stripe.com)
Pseudonymisation
- Pseudonymisation is not used within the company
Integrity
As per Art. 32 (1) lit. b GDPR
Confidentiality - Data Transmission / Storage / Destruction
- Comprehensive use of transport layer security (TLS)
- Use of at-rest encryption of staff computers (LUKS, FileVault)
- Destruction of all printed matter not needed for legal compliance (GoBD)
- Use of audit logs for systems which retain sensitive information
Integrity - Data Entry Controls
- Data quality assurance via monitoring systems and programmatic verification of data with the ability to cancel publication when inconsistencies are discovered.
- Regular and automated execution of integration tests against development and production environments.
- Data processing code used for products is open source and subject to public scrutiny.
- Data processing generates extensive logging output, which is available to the public.
- Ability to revert to previous data product releases.
Availability and Resilience
As per Art. 32 (1) lit. b GDPR
Availability
- Backup concept including offline backups and cross-provider data mirroring
- Data stored in two certified data centres with Uninterruptible Power Supply (UPS)
- Automated patch management
- Use of firewalls and security monitoring platforms (Vanta, Google Security Command Center)
- Monitoring systems (Google GKE, Monitoring, Error Reporting, BetterStack Uptime)
- Disaster Recovery Plan in place, including recovery time objectives (RTO) and recovery point objectives (RPO)
Rapid Recovery & Restore
- Tested ability to restore files from backup
- Tested ability to programmatically re-generate data used in products
Procedure for regular testing, assessing and evaluating
As per Art. 32 (1) lit. d GDPR; Art. 25 (1) GDPR
- The Information Security Management (ISM) system at OpenSanctions has been certified to ISO 27001:2022 by independent auditors since June 2024.
- The OpenSanctions ISM board meets at regular intervals to assess and evaluate the effectiveness of the ISM policies and measures.
- Annual disaster recovery test, including a test of the backup restoration processes (restoring GCP storage buckets and the daily SQL database backups).
- Annual penetration test conducted by independent auditors.
Organisational Control
- Records of processing activities (Art. 30 GDPR)
- Security of Processing (Organisational and Technical Measures) (Art. 32 GDPR)
- Risk Analysis (Art. 32 GDPR) as per ISO 27001
- Business continuity planning and disaster recovery planning
- Employees and contractors are required to sign and comply with confidentiality agreements
- Structured and documented process for the handling, processing and response to information and deletion requests.
- Structured and documented process in response to security incidents or data loss.
- Regular employee training on ISM principles; asset management policy in place.
Data Protection by Design and Default
- Use of transport and at-rest encryption
- Use of Infrastructure as Code (IaC) techniques for environment management
- Customer information is only collected and processed as needed for specific business purposes.
Last updated: December 17, 2024