Data Security at GoBright
The Smart Office Solutions that GoBright provides, are cloud-based only. When booking a desk or room, inviting visitors, or creating a digital signage playlist, in the Online Portal or Mobile App, a variety of different anonymous and personal data are collected. It is our responsibility to keep that data secure. As the importance of data security increasingly grows it is crucial to establish a 100% foul proof data security system.
The 2022 Verizon Data Breach Investigations Report found that ‘82% of breaches involved a human element’. At GoBright, we understand that people have become even more critical for security as hybrid work has exploded. More devices and collaboration tools are used, at more different locations. The risks this entails can be limited by using one safe and secure platform from which everything is managed, such as GoBright’s platform.
The solutions on the GoBright Platform are offered as SaaS (software-as-a-service), which means we exclusively deliver our software applications via the internet. Personal data such as your name and company email address are necessary to make bookings via our platform. Using ‘Find My Colleague’, loading your personal sitting and standing height and booking your parking spot produces data automatically. This means that collecting data by GoBright is inevitable. To guarantee the safety of your personal data, GoBright is governed by our License Subscription Agreement (LSA) and our Data Processing Agreement (DPA). To read more about our Privacy, Terms and Conditions you can consult our website.
GoBright has no ownership over your data. Our platform only processes data. We are not allowed to copy or sell any data which means you are always, for 100%, in control of your data. To ensure all data is safe with us, GoBright has multiple, legally obliged processes in place.
The GDPR – General Data Protection Regulation – is a set of rules that help protect the right to privacy of every natural and legal person. Every company based in the European Union is obliged to follow this set of rules. Processing data includes collecting, storing, using, forwarding, sharing, distributing, and merging personal information. As you can imagine, working with our platform includes all these elements. Personal data is key to optimally using our software and features. As GoBright is based in the European Union, we are obliged to meet all GDPR demands. This obligation is laid out in our Data Processing Agreement.
ISO 27001 Certified
GoBright is officially and internationally recognised for high standards regarding information security. With the ISO 27001 certification, we confirm that our processes and security strategy is future-proof. We are audited on a yearly basis to ensure the security system conforms to the standards of the market. It is important for us to continuously test, check, document, and manage ourselves, for GoBright but also for our customers. This yearly audit of our Information Security Management System (ISMS) includes, but is not limited to, authorising access to data, handling business continuity, disaster recovery, and encrypting data communications.
Location of processing
The GoBright platform runs on Microsoft Azure, which supplies the data centre services where the data is processed. Our customers can choose where to deploy their instances, to keep the data processing local, currently either in EU datacentres or in UK datacentres. We take care of processing the data in that region, including two backup data centres in the region for disaster recovery.
Data Security and New Talent
We have previously talked about the importance of attracting and retaining new talent in today’s work sphere. Not only health and well-being, purpose and pleasure, and a good work-life balance is important to young people. In a 2022 published research: Changing Societies & Personalities ‘…one of the main fears of 56% of young people (between 18-23), is the security of personal data’.
One of the most important factors causing this fear is the continuous growth of personal information in social networks and messengers and the increase of hacker attacks and viruses. It is of absolute importance that Data Security is high on your corporate to-do list if you want talent to stay. Young people are much more aware of the dangers due to negative experiences online every day. They are vigilant and aware of personal data usage, and they measure this against other opportunities.
We all want our digital identity and data to be safe. Whether talking about our personal data, or data available through our employers, we want to be sure we are well protected. We continuously make sure that our system is safe to use. GoBright is determined to deliver excellent data security for everyone using our platform. That also means informing you of our safety precautions and keeping you up to date with the steps we take to protect your personal data.