- About us
Personal integrity and the security of personal data are of utmost importance to us.
Assessio has made, and continues to make, large investments aimed to ensure we continuously work on improvements regarding security and procedures to respect personal integrity complying with the GDPR.
Data protection, security and integrity are shared responsibilities between Assessio and our customers. The Ascend and Assessio platforms are cloud-based so-called SaaS solutions. Assessio takes responsibility for physical security of hardware, infrastructure, and our part of data protection. The customer is responsible for the parts of the system that are incumbent on them, e.g. authorization assigned to relevant employees, legal basis for personal data processing, and provide local processes and routines protecting personal data in accordance with the GDPR.
When individuals wish to use their rights in accordance with the data protection regulation and contact Assessio, we will inform our client as soon as possible, as well as reply to the individual that we have contacted you. It is therefore important that our clients have processes in place to respond when candidates wish to exercise their rights.
We follow a well-defined incident management process, and have first, second and, third line support to ensure incidents are handled immediately at correct level and by the correct role Assessio works continuously and structured with customer feedback and strives to constantly improve our systems in close collaboration with our customers.
All routines around personal data management and data protection are documented in our GDPR and ISO 27001-certified management system for information security.
Assessio has clear and well-defined routines and processes that ensure confidentiality is maintained, both in the Ascend system as well as in functionality that involve manual procedures.