Security in data collection and processing
When collecting data over the Internet / intranet, you often come into contact with questions about the security of your data and data protection requirements. Here it is particularly important to ensure the safe operation of your system. An attack or unauthorized access to data could lead to great damage and loss of trust.
As a system expert in your company, you also take care of compliance with legal regulations and important standards.
In this context, these factors for security in your company are important:
- GDPR (General Data Protection Regulation)
- Secure data transmission through end-to-end encryption in all areas
- internal access authorization and management of your own data in your company
With FORMCYCLE you can rely on secure data processing that complies with legal requirements. This leaves more time for you to focus on the important things in your company.
What are the safety features of FORMCYCLE?
In the concrete implementation, we focus on the three areas of backend (administration), front end (provided forms) and compliance with the provisions of the GDPR.
- Access via HTTPS
- Flexible role management for access to individual areas of the administration interface
- Individual authorization to display / edit transactions in the mailbox
- Integration of existing user administrations such as MS Active Directory *
- Password policies
- Encryption of the database and configuration files
- Fail-safe cluster operation *
Front end (online forms)
- Access via HTTPS
- Security mechanisms for recognizing and warding off so-called BOT’s via honeypots, CAPTCHA and other functions
- Registration via so-called identity providers * (e.g. OpenConnect ID, LDAP, Google, service accounts of the federal states) or additional password protection
- Double opt-in
- End-to-end data encryption from the form to the database
- Configuration of automated deletion rules
- Configuration for automated anonymization of data records
- Restrict access to transaction data
- Email encryption via TLS / SSL and S / MIME
- No storage of additional / hidden data such as IP addresses
- Hosting possible in our data center (location in Germany) or in the company's own data center
*additional licence key necessary