Our customers data is in safe hands
In every area related to IT and Data Security, we have well-established procedures in place that safeguard your data – and we are very proud of that!
An international management standard for information security. The standard is a management tool that helps businesses protect valuable information, including personal data, in a secure and trustworthy manner. ISO 27001 sets requirements for risk management, documentation of processes, and the allocation of roles and responsibilities for information security, among other things.
The privacy protection standard is a management tool that provides insights into the processes and measures organizations should establish to achieve appropriate protection of personal information. This is an extension of the management standard ISO/IEC 27001 for information security.
We ensure security with confidence
Above all, it is crucial that our customers feel completely secure entrusting their data to us. They should be able to focus on their business without worrying about how their data is handled. Often, the information we deal with is sensitive, and by nature, this gives us a high-risk profile in terms of data security management.
Therefore, it is essential that we have standards in place to support our process of continuously maintaining and improving our security. We have evidence of this through our ISO certifications.
What is an ISO standard?
You could say that standards are a common language that allows us to understand things in the same way. This means that we can be confident that what we collaborate on or buy from each other meets expectations – whether it’s between businesses, authorities, or consumers.
Standards can, for example, set requirements for a product’s performance or describe technical terminology in a specific field. In our case, it’s a management tool that helps protect valuable information – including personal data – in a secure and trustworthy manner.
We will undergo annual audits, and every three years, we must be re-certified to maintain our ISO 27001 security certification. The evaluation and certification have been carried out by DNV, which is one of the leading global providers of accredited certification of management systems.
Activities are automatically logged
All participant activities are automatically logged, ensuring a comprehensive overview down to the smallest detail. We are always available for your organization’s data security expert to ensure compliance with security policies.
Conference Manager is encrypted using TLS (https). Encryption certificates are regularly updated, and keys are changed according to established standards. Whether it’s setting up and administering events or participants’ registration processes, data is completely secure when using Conference Manager.
As a default, we store data for 6 months after your event has been held, in compliance with typical legislation. If different needs arise, our standard packages include data storage for 24 months. All data is stored in Conference Manager’s own data center, and we do not use external parties for operations or hosting. Therefore, we have no data located outside the EU/EEA.
GDPR – EU’s General Data Protection Regulation
Everyone must have a data processing agreement that complies with the legal requirements, and in practice, it’s impossible to meet the legislative requirements without satisfactory IT support. This means, among other things, that you must be able to:
- Ensure the gathering of informed consent (and, in some cases, explicit consent) for the processing of personal data
- Allow the withdrawal/cancellation of consent for processing, unless processing is required by law
- Ensure transparency in processing, so individuals can precisely understand how and for what purpose their personal data is processed
- Maintain documentation of who has had access to personal data
- Allow individuals to have their data deleted
Conference Manager enables you to easily comply with the regulation’s rules. Without the use of an IT system for this, it becomes an almost impossible task.
Når du køber en licens hos Conference Manager, får du også vores obligatoriske databeskyttelsespakke, som understøtter vores ISO certificering. Du er derved sikret, at din virksomhed både overholder gældende lovgivning og samtidig kan dokumentere, hvordan dine og dine deltageres data bliver håndteret.
Conference Managers databeskyttelsespakke indeholder følgende dokumenter:
Geared towards your company’s use of Conference Manager and the evaluation of 12 points, assessing compliance with the law, recommended security measures, etc. The report is based on a specific assessment of your particular events, a review of registration pages, the fields used, agreements, security features, and more. The report also includes management’s confirmation that personal data during the latest reporting period has only been processed within the EU, and that we never use subprocessors or cloud services.
Overview of all the security measures that Conference Manager has implemented according to ISO 27001, as indicated in the ISO 27001 certificate. The document consists of more than 15 pages with descriptions and references to international standards, enabling direct verification of compliance with security requirements for authorities and companies that also operate based on international security standards.
Data Processing Agreement
Conference Manager does not have any independent rights to your data. You, as the customer, are the data controller for the content you input into Conference Manager, and therefore, it is your responsibility to ensure that we fulfill our obligations.
For this reason, we enter into a data processing agreement with all our customers. It is an integral part of our contractual basis. The data processing agreement ensures that:
- It is specified how and for how long we process and store your data
- Clear instructions are provided on how and what Conference Manager can do with your data and what we must ensure
- We have established (and continuously maintain) appropriate security measures
- Data is processed exclusively within the EU/EEA
- The type and categories of data are described based on your specific events
- Employees who may come into contact with data are bound by confidentiality obligations
- We provide assistance to you if, for example, you need to provide information to authorities or data subjects, etc.
- We permanently delete your data in accordance with our agreement and no later than when the agreement expires
Get started with Conference Manager
A complete system for handling registrations and administration of conferences, courses, exhibitions, and workshops. We offer support on all weekdays, and you are always welcome to contact us for advice and collaboration.