In every area related to IT and Data Security, we have well-established procedures in place that safeguard your data – and we are very proud of that!
An international management standard for information security. The standard is a management tool that helps businesses protect valuable information, including personal data, in a secure and trustworthy manner. ISO 27001 sets requirements for risk management, documentation of processes, and the allocation of roles and responsibilities for information security, among other things.
The privacy protection standard is a management tool that provides insights into the processes and measures organizations should establish to achieve appropriate protection of personal information. This is an extension of the management standard ISO/IEC 27001 for information security.
Above all, it is crucial that our customers feel completely secure entrusting their data to us. They should be able to focus on their business without worrying about how their data is handled. Often, the information we deal with is sensitive, and by nature, this gives us a high-risk profile in terms of data security management.
Therefore, it is essential that we have standards in place to support our process of continuously maintaining and improving our security. We have evidence of this through our ISO certifications.
You could say that standards are a common language that allows us to understand things in the same way. This means that we can be confident that what we collaborate on or buy from each other meets expectations – whether it’s between businesses, authorities, or consumers.
Standards can, for example, set requirements for a product’s performance or describe technical terminology in a specific field. In our case, it’s a management tool that helps protect valuable information – including personal data – in a secure and trustworthy manner.
We will undergo annual audits, and every three years, we must be re-certified to maintain our ISO 27001 security certification. The evaluation and certification have been carried out by DNV, which is one of the leading global providers of accredited certification of management systems.
All participant activities are automatically logged, ensuring a comprehensive overview down to the smallest detail. We are always available for your organization’s data security expert to ensure compliance with security policies.
Conference Manager is encrypted using TLS (https). Encryption certificates are regularly updated, and keys are changed according to established standards. Whether it’s setting up and administering events or participants’ registration processes, data is completely secure when using Conference Manager.
As a default, we store data for 6 months after your event has been held, in compliance with typical legislation. If different needs arise, our standard packages include data storage for 24 months. All data is stored in Conference Manager’s own data center, and we do not use external parties for operations or hosting. Therefore, we have no data located outside the EU/EEA.
Everyone must have a data processing agreement that complies with the legal requirements, and in practice, it’s impossible to meet the legislative requirements without satisfactory IT support. This means, among other things, that you must be able to:
Conference Manager enables you to easily comply with the regulation’s rules. Without the use of an IT system for this, it becomes an almost impossible task.
When you buy a license from Conference Manager, you also get our mandatory data protection package, which supports our ISO certification. You are assured that your company both complies with applicable legislation and at the same time can document how your and your participants’ data is handled.
Conference Manager’s data protection package contains the following documents:
Geared towards your company’s use of Conference Manager and the evaluation of 12 points, assessing compliance with the law, recommended security measures, etc. The report is based on a specific assessment of your particular events, a review of registration pages, the fields used, agreements, security features, and more. The report also includes management’s confirmation that personal data during the latest reporting period has only been processed within the EU, and that we never use subprocessors or cloud services.
Issued by DNV-GL
Overview of all the security measures that Conference Manager has implemented according to ISO 27001, as indicated in the ISO 27001 certificate. The document consists of more than 15 pages with descriptions and references to international standards, enabling direct verification of compliance with security requirements for authorities and companies that also operate based on international security standards.
Issued by DNV-GL
Conference Manager does not have any independent rights to your data. You, as the customer, are the data controller for the content you input into Conference Manager, and therefore, it is your responsibility to ensure that we fulfill our obligations.
For this reason, we enter into a data processing agreement with all our customers. It is an integral part of our contractual basis. The data processing agreement ensures that:
A complete system for handling registrations and administration of conferences, courses, exhibitions, and workshops. We offer support on all weekdays, and you are always welcome to contact us for advice and collaboration.
© Conference Manager A/S. All rights reserved · Cookiepolicy · Privacy policy · Impressum