Who manages your data? That’s us!
An overview of the measures that El Niño has in place with regard to GDPR.
El Niño considers it important to ensure that (personal) data is processed and stored securely in all applications. Privacy and security are our main concerns during the development of new applications and while maintaining existing systems.
To underline this, the most important measures that El Niño takes in the context of processing personal data are described in this document.
Applications developed by El Niño can be hosted in five different places:
- At Hetzner in their data centers in Falkenstein, Germany and Helsinki, Finland.
- At Webguru in the Netherlands.
- As a server at Hipex (only for Magento webshops).
- As a Hypernode server at Byte (only for Magento webshops).
- As a Droplet on DigitalOcean (being deprecated in favour of Hetzner).
All hosting solutions use data centers that are located within the European borders and implicitly fall under GDPR jurisdiction.
In most cases, the applications run on a shared environment with other El Niño customers (own servers) and applications from other parties (Digital Ocean and Byte).
In some situations, customers can rent their own dedicated server from El Niño. In this case, the hosting is not shared with other parties.
El Niño has agreements with all four parties involved (DigitalOcean, Hipex, Hetzner, Webguru and Byte) to ensure the privacy of the data on the servers and the security of the servers/applications.
Backups of application data are performed every day on all servers maintained by El Niño. The backups have a retention time of at least 2 weeks and are stored encrypted at Digital Ocean Spaces in Amsterdam or Frankfurt.
Local backups of computers used by employees are performed automatically and securely on a NAS several times a day. The NAS is then synchronized to our 2nd location (Enschede to The Hague, and The Hague to Enschede) through a secure connection. These backups do not contain information from external customers and/or users of our applications, nor information about customers of El Niño (for example invoices, quotations and agreements).
All code of all applications developed by El Niño is also stored in so-called GIT repositories (version control) on our own Gitlab server. These GIT repositories do not contain data/information from customers and/or users of our applications.
Security of servers
Access to the servers is only possible through the use of public and private keys. In principle, only employees of El Niño and the hosting parties have access to the (data on the) servers. If an employee leaves El Niño, the key of the relevant colleague is immediately removed from the server(s). From this moment on, the employee no longer has access to the server.
Only employees involved in the development of the application have access to the server(s) on which the application is hosted.
Test and production data
For most applications we use a DTAP strategy (Development, Test, Acceptance and Production environment). In no case is production data stored in the rest of the environments. All environments except the production environment contain only test/dummy data.
Most applications developed by El Niño have a strict password policy: at least 8 characters, at least 1 capital letter, at least 1 number and at least 1 punctuation mark. All users who want to use the platform must set a password that meets these requirements. Some applications also require you to change the password over time.
El Niño uses a password manager application in which all passwords of all applications are stored. The policy is that when setting a new password, a random password is used with a minimum length of 16 characters that contains at least one punctuation mark and one number.
All El Niño employees have access to all passwords stored in the password manager's shared vault. Employees also have their own private password vault, such that a minimum of passwords is being shared in the team. When a colleague leaves, her/his access to the passwords will be immediately revoked to minimize the risk of possible abuse.
El Niño takes responsibility for entering into processor agreements with all customers. The processor agreement contains guidelines and measures that are taken to prevent data leaks.
The processor agreement describes, among other things, a protocol that must be followed in collaboration with the customer in the event of a data breach. In case of possible data leaks, El Niño will support the customer in the burden of proof, close the leak as quickly as possible, explain to the customer what information has actually been leaked and document what measures have been taken to prevent similar leaks in the future.
All email communication between El Niño and other parties takes place via a mail server maintained by El Niño. All emails are stored on the server and computers and mobile devices connect to the mail server using the IMAP protocol. This saves only recent email on the devices and the rest remains on the server.
All email is sent and received via a secure connection to prevent third parties from intercepting the email traffic.
Roles and responsibilities
All El Niño employees perform one or more roles related to customer service. Depending on which role(s) they take up, specific responsibilities will also be linked to it. The roles can be:
- Project Manager
- DevOps (system administrator)
- Administrate employee
Responsibilities may include:
- Security of server(s)
- Security of application(s)
- Monitoring of server(s)
- Monitoring application(s)
- Code review
- Dealing with debtors and creditors
- Development of (secure) applications
- Testing applications
As someone fulfills more roles, his/her responsibilities will also (automatically) be expanded. Everything is done to ensure that the applications we develop are secure and the privacy of users is maintained.
Classification and processing of information
Data is collected, processed and distributed in all applications we develop. Depending on the application, different types of information can be collected about the users (and therefore individuals) who use the platform. Other types of information will also be collected that are not (directly) related to these users.
Every application tries to collect as little information as possible about the users who (actively) use the platform (data minimisation in GDPR terms).
In general, the following data about a user will be requested and stored:
- Name (first and last name)
- Email address
- Preferred Language
Extensive personal information
Additional information may also be requested in some situations depending on the purpose of the platform. For example:
- Address (street, house number, zip code and place of residence)
- Phone number
- Mobile number
- Date of birth
Job sites we have developed collect more information to help users with their job search. These fields are not mandatory and are filled in voluntarily by the users themselves:
- Work experience
- In possession of certificates
- Courses taken
- Interesting features
- Desired type of employment contract(s)
- Current employer
- Results of assessments
- Results of tests
Online stores that we have developed collect more information to help users purchase products and/or services online. These fields are not mandatory and are voluntarily completed and/or indicated by the users themselves:
- Ordered products
- Delivery address
- Order amount
Some applications may also store information related to companies. These can be entered by the users themselves (for example during the checkout process in a webshop) or can be (automatically) collected by the platform. This company data can be, for example:
- VAT number
- Chamber of Commerce number
- Business address
- Number of FTE employed
- Website (URL)
- Industry active
To prevent abuse on a platform and to monitor user behavior, technical information about a user is regularly stored. This information can be used to prevent and log unauthorized access to information. Technical data may include:
- IP address of last login
- Time of last login
- Type of device used by the user
- User's browser data
- Language of the user's browser
Privacy sensitive and financial information
No privacy-sensitive information is requested and/or stored in any application that we have developed. Think of passport numbers, citizen service numbers, copy of driver's license, etc. Also, no financial data such as credit card numbers are stored. Payments are made by external parties through a secure connection. Information shared between these third-party financial services and our applications relates to the online order and payment status.
Personal data is stored via a secure connection (TLS) and is generally entered by users themselves after they have agreed to the privacy statement that can be read on the website. It is the responsibility of the customer to ensure that the privacy statement is legal and, if necessary, updated in time.
Passwords are always stored hashed so that it is not possible to leak them.
Removing and consulting personal information
Each user has the option to delete his/her account via the platform. When deleting an account, all information associated with the account is automatically deleted. This can be information that the user has provided himself, or information that the system has automatically completed due to the user's activity on the platform (for example, login attempts, emails sent, etc.).
Users can request a printout of any information the system has stored relating to that user. With some applications, the user can do this themself by means of a button on the website. In the absence of such a button, users can send an email to the helpdesk, after which the request will be processed within three weeks.
Data is kept for a maximum of 1 year since the last time the user has been active on the platform.