Regulatory Compliance

GDPR Compliance (Europe)

Data Protection: We adhere to the General Data Protection Regulation (GDPR), ensuring that all personal data is processed lawfully, transparently, and securely.

Regular Audits: Our practices include regular audits and updates to stay in line with the latest regulatory changes.

Data Subject Rights: We respect and uphold the rights of data subjects, including the right to access, rectify, and erase personal data.

General Data Protection Regulation (GDPR)

European Union regulation on the processing of personal data

➡️ https://gdpr-info.eu
➡️ wikipedia.org

DORA Compliance (Europe, Finance)

Operational Resilience: The Digital Operational Resilience Act (DORA) mandates that financial entities (and their suppliers) maintain robust operational resilience. We implement comprehensive measures to ensure that our systems and processes are resilient against operational disruptions.

Risk Management: We have a proactive approach to risk management, identifying and mitigating potential threats to ensure continuous protection.

Incident Response: Our incident response group is prepared to act swiftly in the event of a security breach, minimizing potential damage and ensuring a quick recovery.

Digital Operational Resilience Act (DORA)

➡️ eiopa.europa.eu
➡️ wikipedia.org

NIS2 Compliance (Europe)

The European NIS2 directive applies to 15 business sectors, including Health, Finance, Public Administration, and Postal Services. As a supplier to organizations in these sectors, we comply with it.

Specifically, our cyber security programme includes:

  • Risk Management: risk assessment and security policies
  • Incident Response and Reporting Plan
  • Cybersecurity Training for management and teams
  • Supply Chain Security Management
  • Business Continuity as part of Infrastructure
  • Technical Measures: strong access control, data encryption, monitoring
  • Audits, internal and external

Network and Information Security Directive (NIS2)

➡️ digital-strategy.ec.europa.eu

PCI DSS (worldwide)

The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment.

Specifically, protecting cardholder data: our SearchCluster solution stores all data in strongly encrypted form, and all data transfers are performed over encrypted connections.

Payment Card Industry Data Security Standard (PCI DSS)

➡️ pcisecuritystandards.org
➡️ wikipedia.org

ISO/IEC 27000

This family of standards serves as the guideline for our cybersecurity efforts.

International Organization for Standardization (ISO), International Electrotechnical Commission (IEC)

➡️ wikipedia.org

By adhering to these regulations, we ensure that our clients’ data is protected and their operations remain secure and compliant. See also: Cyber Security at Optimaize.