Our screening software is GDPR proof and ISO 27001 certified
Privacy and security are very important to Validata. During the construction and further development of our software, Valluga, we always apply both privacy by design and security by design. As a result, all requirements of the GDPR have been taken into account in Valluga. Furthermore, Validata strictly follows its Information Security Management System (ISMS), which is ISO 27001 certified.
What does GDPR proof mean?
GDPR proof refers to compliance with the General Data Protection Regulation (GDPR). This means that Valluga complies with the requirements of the GDPR. Validata processes certain personal data based on the instructions of the client, who is the data controller.
Nevertheless, as a data processor, Validata also has obligations under the GDPR. For example:
- Data processing agreements (DPA): these must be signed with each client. These include the basis of the data controller.
- Transparency: A company must clearly disclose what personal data is collected, why it collects it and how it handles it.
- Data minimisation: Only the data necessary to achieve a certain purpose should be collected.
- Data breaches: Data breaches should be reported to the data controller as soon as possible.
Validata has its own Privacy Counsel, a separate Data Protection Officer (DPO) and also a processing register.
What is ISO 27001?
Developed by the International Organisation for Standardisation (ISO), ISO 27001 defines the requirements for establishing, implementing, maintaining and continuously improving an Information Security Management System (ISMS) within a company. Its purpose is to help organisations adopt a systematic and proactive approach to information security.
By meeting the high requirements of our ISMS, which is ISO 27001 certified, we better understand and identify information security risks.
How does a company meet the requirements of ISO 27001?
Information security risks are identified and these determine what measures are needed to control them.
Policies should be set up so that the organisation’s information security objectives can be achieved in a proper and secure way.
By implementing the established measures, all information is protected against identified risks.
Creating awareness and training staff on information security is important to reduce risks.
By having systematic and independent audits assess your organisation, it becomes immediately clear where there is room for improvement and what is already going well within the ISMS.
The ISMS must be monitored and evaluated to constantly improve information security and security risk management.
How does Validata comply with GDPR legislation?
Privacy by design
We ensure that the requirements of the GDPR are already accounted for in the development of new processes and systems. By using privacy by design at an early stage, optimal security of personal data can be guaranteed from the start and organisations can be sure that they rely on an organisation that complies with the GDPR.
Security by design
To guarantee our screening software’s security, Validata uses secure frameworks and continuously monitors the application, scanning it daily for vulnerabilities. As a result, our in-house development team, which works safely and precisely, delivers a secure screening application hosted within the EU at a top-tier data centre. Additionally, it is periodically tested by independent parties through penetration tests and ethical hackers.
ISO certified
Validata is also ISO certified (27001 & 9001). This guarantees high quality management and information security.
Why is secure screening software so important?
It is very important because screening software is used to process and verify sensitive information, mainly personal data. Security and privacy are very important to Validata, which is why our software, Valluga, complies with all regulations regarding privacy and data protection.
Failure to comply with these can have unpleasant consequences:
- Deterring candidates from being screened: If an organisation is unable to ensure a secure and transparent screening process, this may lead to loss of personal data of the candidates who in turn may lose their trust in that organisation.
- Large fines: If an organisation fails to comply with the GDPR, in the worst-case scenario this could lead to fines imposed by the Dutch Privacy Authority.
- Reputational damage: Failure to comply with the GDPR can lead to major reputational damage. Companies are less willing to engage with you because your organisation has shown that it is not careful with personal data.
Challenges in employment screening
- Time-consuming task to gather correct information
- Complicated to actually check documents and information
- Increasing laws and regulations around employment screening
- Higher risk of human errors
- Process often unclear and not secure enough
- Poor candidate experience
Benefits of the screening platform Valluga
- Validata takes all the work off your hands
- Different screening profiles possible
- Process is digitised and automated
- Transparent process for client and candidate
- Both local and international checks via data partners
- Sub-reports and a completed screening report
- Valluga complies with all laws and regulations
Contact us