Trust center

We prioritize the safety and security of our products and operations above all else. This is more than an obligation — it’s our unwavering commitment to our clients and partners.

Enterprise-grade security

ISO/IEC 27001 Certified Information Security Management System

At the heart of our global secure operations is our Information Security Management System (ISMS), which lays out the foundational principles guiding our actions.

All our employees, contractors, and partners operate within this framework, emphasizing vigilance and security. As digital threats continually evolve, we prioritize your security, enabling you to conduct business confidently.

    • Why ISO/IEC 27001: The ISO/IEC 27001 standard underscores a wide-ranging approach to information security. Aligning our ISMS with this standard fortifies our commitment, ensuring we establish, uphold, and perpetually enhance our security protocols.
    • External Audits and Validations: Our ISMS is not only about what we do in-house. We have independent agencies check it thoroughly to make sure we’re following the best global standards. This means that wherever we operate, we ensure top-level security.

Read more about ISO/IEC 27001

Read more about our Information Security Policy

Physical security

Our service infrastructure is hosted on Microsoft Azure, which is an ISO/IEC 27001 and SOC2 certified service. Azure’s adherence to the strict security controls contained in these standards is verified by rigorous third-party audits that demonstrate Azure services work with and meet world-class industry standards, certifications, attestations, and authorizations.

We are using only European (EU) data centers at the moment.

Read more about Azure compliance documentation

Our Product Assurance: Finbiosoft Cloud Certification

Our commitment to security goes beyond just our operations; it’s integral to our products. The Finbiosoft Cloud, including the Validation Manager, meets the stringent ASVS OWASP criteria, placing our products at the forefront of cybersecurity.

ASVS OWASP Certification:

The Application Security Verification Standard (ASVS) Project by OWASP provides a framework for the security of web applications. Our dedication to cybersecurity doesn’t halt at operational processes — it extends to every product we develop. Our adherence to the ASVS OWASP criteria serves as testament to the rigor and diligence we invest in our product development and assurance processes.

In essence, this certification means that Finbiosoft Cloud products are developed, tested, and maintained according to globally recognized security standards. This, in turn, provides our clients with the assurance that our products are not only efficient but also secured against known vulnerabilities.

Read more about OWASP Application Security Verification Standard (ASVS)

Data privacy at Finbiosoft

At Finbiosoft, we prioritise the privacy and protection of personal data. Respecting the rights of individuals and safeguarding their personal information is fundamental to our operations. We adhere strictly to the General Data Protection Regulation (GDPR) requirements, ensuring that:

    • Consent and Transparency: Before collecting any personal data, we obtain clear and informed consent. We ensure that our users understand why and how their data will be used.
    • Data Minimisation: We only collect the data necessary for our services, ensuring it is relevant and limited to what is essential.
    • Right to Access and Erasure: Individuals have the right to access their personal data and request its deletion. We’ve streamlined processes to address these requests promptly.
    • Data Protection: With stringent security measures, we ensure the safety and integrity of personal data against breaches and unauthorised access.
    • Continuous Review: Regular audits and reviews are conducted to ensure our data handling practices remain compliant and updated with the GDPR standards.

Ensuring data privacy is not just about compliance for us; it’s about building and maintaining the trust of our users and partners.

Have questions?

Please contact [email protected] to get help with your questions regarding the safety and security of our products and operations.