ORTEC is committed to high standards of information security, privacy and transparency. At ORTEC, we handle data carefully and do everything we can to secure it. Our customers expect that from us as well. ORTEC secures its customer’s as well as its own information in correspondence with applicable law and regulations.
Across the world countries are implementing some form of privacy legislation. The general aim of all this new legislation is to strengthen the security and protection of personal data and return ownership of this data to the data subjects. Examples of such legislation are the GDPR for Europe, the Privacy Act and Privacy Regulation in Australia and the LGPD in Brazil.
Monitored by an internal cross-functional team, ORTEC is extending existing security and business continuity management systems and certifications to ensure compliance to privacy legislation. Robust security processes are in place which enable us to follow adequate procedures when handling and processing data. Registration processes secure traceability of actions taken and are registered in a dedicated system. Impact analysis will be conducted on a regular basis to identify privacy and security risks. Regular internal and external audits are performed to audit our performance in this field.
On top of this, ORTEC will continuously review its standard software products and make adjustments in line with the latest data protection legislation. For example, the latest versions of ORTEC Routing & Dispatch and ORTEC Workforce Scheduling contain features for our customers to support compliance to mentioned legislation.
Customers with a valid software maintenance & support contract are eligible for upgrades and new versions. Please contact your ORTEC account manager for more information on this.
Our Data Processing Agreement (DPA) outlines what personal data is processed, why we process it and how we handle personal data processing in general, and is part of every contract with customers if applicable.
Does ORTEC support customers to become compliant to privacy legislation?
It is important to recognize that compliance to privacy legislation is a shared responsibility and all customers are responsible for adapting their own business processes and data management practices to ensure that they are compliant.
ORTEC supports customers that are using ORTEC solutions to become compliant. Our latest versions of ORTEC Routing & Dispatch and ORTEC Workforce Scheduling contain features that are necessary for customers to become compliant to privacy legislation. We also facilitate a tool within our products that enables anonymization of customer data. Customers with a valid software maintenance & support contract are eligible for upgrades and new versions. Please contact your ORTEC account manager for more information on this.
Does ORTEC handle my data in a compliant way?
For implementation and support purposes, sometimes data is being transferred from customers to ORTEC premises. We have developed an anonimization tool to anonymize personal data. This enables customers to anonymize data before transferring it to ORTEC premises. ORTEC aligns Data Processing Agreements (DPA’s) with its EU customers, to ensure the right processes are in place for data handling and processing.
What is a Data Processing Agreement?
Our Data Processing Agreement (DPA) outlines what personal data is processed, why we process it and how we handle personal data processing in general. The DPA is signed by both ORTEC and the customer and both parties agree to process data as required by privacy legislation and to comply with the terms & conditions of the regulation.
Which ORTEC software solutions and versions are compliant to privacy legislation?
Our latest versions of ORTEC Routing & Dispatch and ORTEC Workforce Scheduling contain features for our customers to support compliance. Please contact your ORTEC account manager for more details.
I use a tailor-made ORTEC software solution in my company. Will this tailor-made solution support compliancy to privacy legislation?
If you use tailor-made ORTEC software in your company, please contact your ORTEC account manager to discuss privacy compliance in more detail. Most of our tailor-made software solutions do not contain any personal data, but we recommend checking this in detail.
What implications does privacy legislation have on the hosting solutions ORTEC offers?
Safety and security are a key element in selecting our hosting partners. Our hosting partners need to meet strict requirements. We only work with hosting partners that have committed to comply with privacy regulations.
My company requires a written GDPR statement from ORTEC. Do you have one available?
Yes, we do have an ORTEC GDPR statement describing our commitment and efforts in the area of GDPR. Please contact your account manager for a copy of it.
Does ORTEC have a Data Protection Officer?
Yes, ORTEC has assigned a Data Protection Officer (DPO). He can be reached via dpo@ortec.com or via the contact forms on our website.
ORTEC has established a Quality, Risk and Compliance Team to monitor Information Security and Data Protection, and take a leading role in improving and maintaining all aspects of Information Security and Data Protection. ORTECs DPO, ORTECs Quality Manager and ORTECs Security Officer are all part of the QRC Team.