Centrical takes the security of your data seriously
We recognize the privacy and security of your data is vitally important. That’s why we are dedicated to providing a highly secure and reliable environment you can trust.Try Centrical
Centrical data security is certified
Centrical (Biz-Effective Ltd.) has the International Organization for Standardization (ISO) certification for Information Security Management: ISO/IEC 27001. This is the most rigorous global security standard for Information Security Management Systems.
This ISO certification means customers can be confident that Centrical protects Personally Identifiable Information in the cloud to the highest standards.
To become certified, a company must show a continuous, structured commitment to managing sensitive company and customer information. The Centrical security model and controls are based on this and other international protocols and standards, and adheres to industry best practices
Centrical is GDPR compliant
With customers in almost every country in the world, Centrical adheres to the General Data Protection Regulation (GDPR). It is a mandatory ruling that applies to all companies that collect the data and information of EU individuals and meet certain territorial requirements. The GDPR is designed to strengthen the security and protection of personal data in the EU, as well as provide businesses with a structured framework on how to collect, process, use, and share personal data. Under the GDPR, the concept of “personal data” is very broad and covers almost any information relating to a specific individual. All companies collecting or processing the personal data of EU individuals must be GDPR compliant.
GDPR requires companies like Centrical to process personal data of European individuals in ways that comply with this set of regulations. Clearly, by doing this, we’re able to help our customers in their efforts to comply with GDPR too.
As part of our GDPR compliance, we have:
- Listed all of our data repositories that hold personal data
- Established legal grounds for processing
- Established our role as a Data Processor or Data Controller of the different data repositories
- Created and documented a Data Subject request process
- Implemented capture of consent and opt-out records when applicable
- Created a list of Sub-Processors and performed Vendor Risk Management (VRM) assessment of their compliance with our standards
- Sign-up Data Processing Agreements (DPA) with customers and 3rd party vendors
- Launched an annual mandatory privacy training to all.
If you have questions about GDPR, please contact us at firstname.lastname@example.org or +1 800-538-4263.
If you have a security question, please contact our privacy team at email@example.com.