Technical and Organizational Measures

 

1. Access Control - physical

Measures that ares uitable for denying unauthorized access to data processing equipment with which personal data or personal data are processed or used. Measures that are suitable to prevent data processing systems from being used by unauthorized persons. Access (in the sense of access) is denied to unauthorized persons.

2. System Security

Controllers and processors shall take appropriate measures to ensure availability and integrity.

3. Media Control

Prevention of unauthorized reading, copying, alteration or deletion of data carriers to ensure availability and integrity.

4. Storage Control

Prevention of unauthorized entry of personal data as well as unauthorized access, modification and deletion of stored personal data.

5. User Control

Access to sensitive data and data processing systems is traceable and reserved only for authorized persons.

6. Access Control - logical

To ensure confidentiality, the controller and the processor must take appropriate measures to ensure that authorized persons only have access to the personal data that they need to carry out their tasks.

7. Pseudonymization

The processing of personal data in such a way that the data can no longer be assigned to a specific data subject without the use of additional information, provided that this additional information is stored separately and is subject to appropriate technical and organizational measures.

8. Information Sharing Control

Measures to ensure that personal data cannot be read, copied, altered or removed in an unauthorized manner during electronic transmission or during their transport or storage on data carriers, and that it is possible to verify and determine where personal data is intended to be transferred by data transmission facilities.

9. Data Entry Control

Measures to ensure that it can be subsequently checked and determined (traceability) whether and by whom personal data/personal data have been entered, changed or removed in data processing systems.

10. Transmission Control

Ensuring that the confidentiality and integrity of the data are protected during the transmission of personal data as well as during the transport of data carriers. This means that unauthorized persons cannot read, copy, modify, delete or destroy personal data.

11. Job / Order Control

Measures to ensure that personal data processed on behalf of the client can only be processed in accordance with the instructions of the client.

12. Recovery

Measures to ensure that personal data is protected against accidental destruction or loss and that it can be quickly recovered in the event of a physical or technical incident.

13. Segregation of Duties

Measures to ensure that data collected for different purposes can be processed separately.

14. Cryptography

Access, storage and transmission of data are protected by cryptographic measures so that no unauthorized persons can access data.

15. Data Protection Management

A data protection management system is in place to regularly review, evaluate and evaluate the effectiveness of security of processing.

16. Incident Management

Assist in responding to security breaches, with the aim of quickly detecting data breaches and taking action to mitigate or eliminate the consequences.

17. Privacy-friendly Preferences

Privacy by default / Privacy by design

Technical and Organizational Measures

 

1. Access Control - physical

Measures that ares uitable for denying unauthorized access to data processing equipment with which personal data or personal data are processed or used. Measures that are suitable to prevent data processing systems from being used by unauthorized persons. Access (in the sense of access) is denied to unauthorized persons.

2. System Security

Controllers and processors shall take appropriate measures to ensure availability and integrity.

3. Media Control

Prevention of unauthorized reading, copying, alteration or deletion of data carriers to ensure availability and integrity.

4. Storage Control

Prevention of unauthorized entry of personal data as well as unauthorized access, modification and deletion of stored personal data.

5. User Control

Access to sensitive data and data processing systems is traceable and reserved only for authorized persons.

6. Access Control - logical

To ensure confidentiality, the controller and the processor must take appropriate measures to ensure that authorized persons only have access to the personal data that they need to carry out their tasks.

7. Pseudonymization

The processing of personal data in such a way that the data can no longer be assigned to a specific data subject without the use of additional information, provided that this additional information is stored separately and is subject to appropriate technical and organizational measures.

8. Information Sharing Control

Measures to ensure that personal data cannot be read, copied, altered or removed in an unauthorized manner during electronic transmission or during their transport or storage on data carriers, and that it is possible to verify and determine where personal data is intended to be transferred by data transmission facilities.

9. Data Entry Control

Measures to ensure that it can be subsequently checked and determined (traceability) whether and by whom personal data/personal data have been entered, changed or removed in data processing systems.

10. Transmission Control

Ensuring that the confidentiality and integrity of the data are protected during the transmission of personal data as well as during the transport of data carriers. This means that unauthorized persons cannot read, copy, modify, delete or destroy personal data.

11. Job / Order Control

Measures to ensure that personal data processed on behalf of the client can only be processed in accordance with the instructions of the client.

12. Recovery

Measures to ensure that personal data is protected against accidental destruction or loss and that it can be quickly recovered in the event of a physical or technical incident.

13. Segregation of Duties

Measures to ensure that data collected for different purposes can be processed separately.

14. Cryptography

Access, storage and transmission of data are protected by cryptographic measures so that no unauthorized persons can access data.

15. Data Protection Management

A data protection management system is in place to regularly review, evaluate and evaluate the effectiveness of security of processing.

16. Incident Management

Assist in responding to security breaches, with the aim of quickly detecting data breaches and taking action to mitigate or eliminate the consequences.

17. Privacy-friendly Preferences

Privacy by default / Privacy by design

Get updates from KITRO

Subscribe to our newsletter for quarterly updates
and tips on reducing food waste:

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.