Data privacy and data security
Digital Samba is a security-conscious organisation - always has been, and always will be. Compliance with regulations is not the main driver behind this philosophy. We simply believe it makes sense to respect the trust our customers and partners have placed in us. That said, we welcome compliance regulation because it provides a framework within which to operate. Over the years, various rules and regulations have come into effect, and we take pride in going above and beyond to ensure compliance. With the advent of the GDPR, we jumped at the opportunity to take a good, hard look at our security and privacy protocols and processes.
But our work is not done. We continue to monitor, revise, audit and fortify our processes, and we continue to collaborate with security experts to keep your data private and secure.
We believe in ethical business practices. We do not make our money by selling customer data - ever. We value relationships over a quick buck, and we demand the same from our partners.
For those inclined to deep-dive into the specifics of what we do to protect your data, take a look at the various documents in the following sections.
Technical and Organisational Measures (TOMs)
Digital Samba’s Technical and Organisational Measures (TOMs) were defined, documented and implemented as part of our preparations for GDPR compliance. These measures aim to safeguard the confidentiality, availability, integrity and resilience of personal data. It’s worth remembering that absolute protection is impossible, but that doesn’t stop us from trying. We are extremely diligent in maintaining the strongest possible protective measures.
Data Processing Agreements (DPA)
Digital Samba essentially offers two types of products: B2C and B2B. Roughly defined, B2B customers handle invoicing and billing of their own end users, whilst B2C customers are entirely handled by Digital Samba. B2B customers also have more options about how their infrastructure is configured and deployed.
Consequently, we engage different subprocessors depending on the type of customer you are, and we thought it prudent to create a separate Data Processing Agreement (DPA) for each. They are of course similar in nature and both validate that we are not frivolous with our duties as a data controller and a data processor.
The B2B DPA can be found here, and the B2C DPA can be found here. Note that the B2C DPA also applies to visitors of our websites.
Please contact us if you want us to execute a DPA with your organization.
Security White Paper (SWP)
The Digital Samba Security White Paper (SWP) gives you a practical overview of how we apply our data security philosophy in the various elements of our platform and organisation. From protocols and hosting locations to security features and incident management, everything is covered.
The SWP can be found here.
If you want more information or wish to exercise your rights under GDPR, please get in touch and our support team will be happy to help.You can also consult our legal information page where you will find our agreements, policies and notices.