Data protection & security at virtualQ
What personal data do we generally collect during telephony?
virtualQ records at least the telephone numbers of the people who wish to use the service to enable a callback. The associated time stamp of the callback and the call status are saved for technical implementation.
The facts about data security
- Certified ISO 27001 ISMS in operation
- Resilient infrastructure with low attack surface
- Data minimisation: only absolutely essential data is collected, with deletion configurable or within 90 days latest
- Extensive technical and organisational measures to minimise risk
- Use of extensively certified hosters
- Encryption of data using HTTPS and AES
- Hardened and container-based systems in the cloud
- Regular re-deployment of entire infrastructures due to comprehensive CI/CD process
- Regular security & data protection audits
- Regular staff sensitisation on phishing and social engineering
Data protection plays a role in many places - virtualQ talks about it
Maximum data security
Security management and certifications
- Highest standards with ISO 27001: Our certified information security management system (ISMS) guarantees first-class protection.
- State-of-the-art encryption technologies: We use encryption standards that always correspond to the state of the art (see KRITIS) in accordance with BSI specifications in order to secure your data in the best possible way.
- Reliable partners: Our carefully selected and certified subcontractors meet the highest safety standards.
Data protection procedures and compliance
- GDPR and SGB: Our solution not only meets all the requirements of the GDPR, but also protects your data in accordance with the requirements of the SGB.
- Transparent data processing: Our detailed documentation ensures that you are always well informed.
- Responsible data handling: We protect your privacy and that of your customers by anonymizing and deleting data that is no longer required.
- Reliable audit logs: Our comprehensive safety protocols ensure complete traceability.
Employee commitments and safety
- Confidentiality: Our employees are obliged to strictly observe banking secrecy.
- Responsible handling of sensitive data: Our employees are trained in accordance with the GDPR and are obliged to strictly observe data secrecy.
- Strict confidentiality agreements: To protect your information, all employees are bound by strict confidentiality obligations.
Technical security & continuity
- Reliable business continuity: Thanks to our regularly audited business continuity and IT service continuity management procedures, we guarantee constant availability and security.
- Proactive vulnerability analyses: Regular manual checks and continuous automated scans ensure maximum security.
- Comprehensive penetration tests: Our tests are based on the OWASP TOP10 and OTG standards to ensure that our system is comprehensively protected against all threats.
- Secure open source solutions: By regularly checking open source dependencies, we ensure continuous stability and guarantee maximum security.
- Efficient network segmentation: Our defined access points and multi-layer architectures ensure maximum security and efficiency.
- Secure separation of production and development networks: We minimize risks through strictly separated network environments, multi-level access restrictions and seamless traceability.
- Monitored administrative activities: The use of bastion hosts ensures secure administration and effective monitoring.
Access control and authentication
- Increased security through multi-factor authentication: Our authentication methods offer you additional protection.
- Comprehensive authorization concept: Our sophisticated access management ensures that only authorized persons have access to certain data and systems.
- Strict zero-trust guidelines: In our solution and organization, the Zero Trust principle is an essential building block to ensure maximum security.
Monitoring and alerting
Rapid response to threats: By continuously logging and alerting on unusual activity, we can immediately identify and respond to potential security incidents.
In the last two years one in three companies has already cancelled a digitization project because of security issues*, and this is exactly where we come in, offering solid and reliable information security and allowing you to complete your projects safely and successfully with virtualQ. This is our investment in your secure customer experience.
* Fujitsu-study – The Digital Transformation PAC
Your message to virtualQ
Our investment in
your security
IT security and data protection is our priority.
In view of the many unanswered questions on this in the market, we are always happy to advise you individually.
Our Senior Information & Security Specialist is at your disposal and will be happy to show you comparable:
