ORTEC and GDPR

ORTEC is committed to high standards of information security, privacy and transparency. At ORTEC, we handle data carefully and do everything we can to secure it. To meet expectations ORTEC secures its customer’s as well as its own information in correspondence with applicable law and regulations. 

On 25th May 2018 the General Data Protection Regulation (GDPR) will come into effect. The GDPR aims to strengthen the security and protection of personal data in the EU and will replace the European Privacy Directive and national legislation. 

Monitored by an internal cross-functional team, ORTEC is extending existing security and business continuity management systems and certifications to ensure GDPR compliance. Robust security processes are in place which enable us to follow adequate procedures when handling and processing data. Registration processes secure traceability of actions taken and are being registered in a dedicated system. Impact analysis will be conducted on a regular basis to audit our performance in this field. 

On top of this, ORTEC has reviewed its standard software products and has made adjustments in line with the latest data protection legislation. Our latest versions of ORTEC Routing & Dispatch and ORTEC Workforce Scheduling contain features for our customers to support GDPR compliance. 

Customers with a valid software maintenance & support contracts are eligible for upgrades and new versions. Please contact your ORTEC account manager for more information on this.

Our Data Processing Agreement (DPA) outlines what personal data is processed, why we process it and how we handle the processing of personal data  in general.

Should you have any questions how ORTEC handles GDPR, please contact us.


FREQUENTLY ASKED QUESTIONS

Does ORTEC support customers to become GDPR compliant?
It is important to recognise that GDPR compliance is a shared responsibility and all customers are responsible for adapting their own business processes and data management practices to ensure that they are GDPR compliant. 

ORTEC supports customers that are using ORTEC solutions to become compliant. Our latest versions of ORTEC Routing & Dispatch and ORTEC Workforce Scheduling contain features that are necessary for customers to become GDPR compliant. We also facilitate an encryption tool within our products that enables anonymisation of customer data. Customers with a valid software maintenance & support contract are eligible for upgrades and new versions. Please contact your ORTEC account manager for more information on this.

Does ORTEC handle my data in a compliant way?
For implementation and support purposes, sometimes data is being transferred from customers to ORTEC premises. We have developed an encryption tool to anonymise personal data. This enables customers to anonymise data before transferring it to ORTEC premises. ORTEC aligns Data Processing Agreements (DPA’s) with its EU customers, to ensure the right processes are in place for data handling and processing.

What is a Data Processing Agreement?
Our Data Processing Agreement (DPA) outlines what personal data is processed, why we process it and how we handle the processing of personal data in general. The DPA is signed by both ORTEC and the customer and both parties agree to process data as required by GDPR and to comply with the terms & conditions of the regulation.

Which ORTEC software solutions and versions are GDPR compliant?
Our latest versions of ORTEC Routing & Dispatch and ORTEC Workforce Scheduling contain features for our customers to support GDPR compliance. Please contact your ORTEC account manager for more details.

I use a tailor-made ORTEC software solution in my company. Will this tailor-made solution support GDPR compliancy?
If you use tailor-made ORTEC software in your company, please contact your ORTEC account manager to discuss GDPR compliance in more detail. Most of our tailor-made software solutions do not contain any personal data, but we recommend checking this in detail. 

What implications does GDPR have on the hosting solutions ORTEC offers?
Safety and security are a key element in selecting our hosting partners. Our hosting partners need to meet strict requirements. We only work with hosting partners that have committed to comply with GDPR regulations.

My company requires a written GDPR statement from ORTEC. Do you have one available?
Yes, we do have an ORTEC GDPR statement describing our commitment and efforts in the area of GDPR. Please contact your account manager for a copy of it.

Does ORTEC have a Data Compliance Officer?
ORTEC has established an Information Security Committee (ISC) to take a leading role in improving and maintaining the information security policies and practices within ORTEC. ORTECs Data Protection Officer (DPO) is part of the ISC and will inform, advise and monitor compliance. 
 
The structure of the website www.ortec.com (hereinafter referred to as the “Site”) Site and each and any of its elements, whether or not copyrighted or otherwise protected by all applicable laws, remain the sole and exclusive property of ORTEC B.V. 

Any reproduction, extraction, display, alteration, modification, adaptation or use of the Site or any of its elements, whether in whole or in part, regardless of their means and purposes, and more generally any act not expressly authorized by ORTEC B.V., is strictly prohibited and liable to prosecution. 

The trademarks, trade names, service marks, logos and other distinctive signs of ORTEC B.V. which are displayed on the Site are protected by Dutch law and other applicable legislations. Any unauthorized use or reproduction is strictly prohibited.

The creation of hypertext links pointing to the Site is subject to the prior written approval of ORTEC B.V. representatives. ORTEC B.V. expressly excludes any liability regarding the contents of sites which have created hypertext links pointing to the Site.

ORTEC B.V. shall make all commercial reasonable efforts to update the information posted on the Site. However, ORTEC B.V. does not warrant nor represent that any of the information posted on the Site is accurate, up-to-date and/or complete. 

As a consequence, ORTEC B.V. shall not be liable in case of damage arising out of or in relation to the use by any person of the Site, notably in case of error in the use of the Site, low availability of the Site due notably to Internet connection problems or presence of viruses through the Site.