The highest standards of quality form the basis that ensures that our clients get consistent, good-quality products and services that significantly contribute to our client’s success. Cirtuo is committed to providing products and services that meet the requirements and expectations of our clients. ISO 9001 sets out the criteria for a quality management system, and Cirtuo achieved the ISO 9001 certification in March 2020. Information security has become increasingly important to all businesses. The ISO (International Organization for Standardization) 27001 standard provides a framework to ensure that the certified organization addresses the needs of its customers.
Cirtuo achieved the ISO 27001 certification in November 2019 and continuously worked to the high information security standards. Regarding the GDPR (General Data Protection Regulation), Cirtuo’s business niche is favorable, meaning that the processing of personal data is as minimalistic as possible, done only for a specific contractual purpose with your company. All personal data of employees in your company (a minimal set consisting of name, corporate email address, and IP/timestamps pair for security reasons) is collected to execute the contract with your company, and it is not used in a manner that is incompatible with this purpose.
Cirtuo regularly reviews all NDAs (Non-disclosure agreements) with its employees and external experts to ensure that persons authorized to process the personal data have committed themselves to confidentiality and have informed employees of client companies about how we collect and process their personal data and how they can exercise their rights.
Suppose Cirtuo receives a request from one of your company’s users. In that case, we will act according to its role as the processor and follow the controller’s (your company’s) guidelines as specified by the regulation.
If your company needs proof that we, as your service provider/supplier, are a GDPR-compliant company, we will be glad to help with the insight into our GDPR-compliance processes.