Information security and privacy
Since the foundation of NDI, more than 20 years ago, information security has been an important spearhead in the way in which technology, processes and management of the organisation have been set up and arranged. We have taken measures to limit security risks as much as possible. The primary goal is to ensure that the company information and sensitive data of our customers are available and secure.
NDI’s information security policy is aimed at, among other things:
- reducing the risk of damage or loss of customer data and thus reducing the risk of loss of customer confidence
- protecting confidentiality, integrity and availability of customer data
- ensuring that only authorised users have access to information and information systems
- ensuring compliance with applicable laws and regulations
Leading in the security measures is the fact that NDI ensures continuous improvement of the information security systems. The various processes and procedures concerning information security are recorded and applied and comply with the ISO 27001 standard. This is periodically established and confirmed by an independent auditor: DNV-GL. NDI has been ISO 27001 certified since 2017. We are very proud of this and assure our customers that their company information is handled safely.
In addition to setting up information security processes and procedures, NDI also complies with the applicable European privacy legislation as laid down in the General Data Protection Regulation (GPC).
NDI customers themselves are responsible for the protection of personal data processed by NDI. Good agreements about the handling of these data prevent surprises coming to light. For this reason, we encourage our customers to sign a processing agreement with us in which clear mutual agreements are laid down about how we handle personal data of customers and what to do in situations where something unexpectedly still goes wrong.