Do you also value GDPR? 

Capturi is a safe choice

Are you already a customer or are you considering whether Capturi is a safe choice for your business? Dive into how you can use the platform in compliance with the data protection law

– Tue Martin Berg, CEO

GDPR-compliance

The features of our platform are built with a focus on the principles of “Privacy by design and default”. In developing the platform, we have therefore focused on data subjects and their rights under data protection law, and we have designed the platform to support this focus.

In addition, we are constantly trying to further develop the platform with solutions and features that help our customers to comply with their obligations, including in relation to ensuring the correct basis for processing (see more below), as well as the possibility to delete data according to self-established deletion policies.

We always conclude a data processing agreement

In any customer relationship, we process personal data on behalf of our customers. In this relationship, our customers are the data controllers and we are the data processor. This means that both we and our customers are obliged to enter into a data processing agreement, the content of which must comply with the requirements of the GDPR.

Capturi uses the Data Protection Authority’s standard contractual clauses as the data processor agreement. This means that we fulfil our joint obligation to enter into a valid data processor agreement.
You can download our data processor agreement here.
Read more about our use of subprocessors here.

What about recorded customer calls?

Recording customer conversations can add great value to a business. We have therefore compiled an overview of the relevant considerations before recording calls – these apply to both inbound and outbound.

Read about recorded customer calls here.

Our security measures 

Data processing is an integral part of the platform we provide to our customers.

Therefore, the trust and confidence of our customers that we can deliver our services in a secure and confidential manner is crucial to our business foundation. We hence take security very seriously and have a continuous focus on it.

Some of our security measures include:

Supplier

Use of supplier certified to ISO 27001:2013, 27017:2015, 27018:2014 and ISO 9001:2015 for hosting platform within supplier’s EU/EEA data regions.

Backup and anti-malware

Daily backup and updated anti-malware and virus on systems and devices.

Z

Redundancy

Full redundancy with the main hosting and operation provider to ensure access and continuous operation of the platform.

Use of Multi Factor Authentication login

Use of Multi Factor Authentication login for the platform and production environment.

Physical security of sites

Physical security of sites with individual access key fobs and codes and monitoring of facilities.

Background checks

Background checks of employees.

~

Encryption

Full TLS and HTTPS encryption of data in transit and in storage.

Network

Segmented and encrypted network and connection to Security Operation Center (SOC) via hosting provider.

Ongoing platform check

Ongoing checks of platform and systems with respect to OWASP top 10 vulnerabilities, including occasional use of “ethical hacker”.

l

Logging

Logging of access and actions in platform and systems.

Procedures

Procedures for access to production environment and access to customer data.

Hardware

Hardware reuse is done exclusively by restoring factory settings, and hardware destruction is done according to the market standard for this, meaning that data recovery is not possible.

HOW CAN WE HELP YOU?

Are you responsible for sales, IT or customer service in your organisation?

And are you curious on how to strengthen your team in a GDPR compliant way?

We want to be as transparent as possible. You are therefore welcome to contact us for a meeting on data security.

Call Tue

Phone number: +45 61 31 83 47