What does it mean to be EU GDPR-compliant?
GDPR stands for the General Data Protection Regulation, a privacy and security law in the European Union, which came into effect on May 25 2018. To be GDPR compliant means that we as a company have taken the time to review the regulation and are doing everything we can to protect your data and that we have put systems in place in order to protect your privacy.
How do you deal with confidential information?
Amberscript’s IT infrastructure is built on data-servers provided by Amazon Web Services, which are certified to the highest standards (including ISO27001). Furthermore, we have developed a secure internal platform to share transcripts that need to be corrected or checked by our transcribers. We also offer NDAs and DPAs. For more information, please contact us here.
Do data remain within the European Union?
Amberscript’s IT infrastructure is built on the server infrastructure of Amazon Web Services located in Frankfurt, Germany. All data that is processed by Amberscript will be stored and processed on highly secured servers with regular back-ups on the same infrastructure. For transcriptions that are performed in English, Dutch, Swedish, Danish, Norwegian, Finnish, German, Portuguese, Italian and Spanish data will never leave the EU. For other languages, Amberscript might use third-party providers for processing and the data might leave European Servers for processing. For all of our third-party providers, we made agreements that the data will be deleted directly after processing.
How do you protect the files I upload and prevent data leakages?
For our manual transcription services, we have developed a secure internal platform to share transcripts that need to be corrected or checked by our transcribers. The files will therefore only be seen by langauge experts working on your files and cannot be accessed by employees or other third-parties. Amberscript will report any theft, loss, misuse or other form of data breach to the customer as soon as reasonably possible. This report includes, as far as possible, at least the following: the nature of the breach, the categories and scope of the personal data concerned, the likely consequences of the data breach, the measures Amberscript has taken and the contact details for the customer to obtain more information.
Are you ISO27001 certified or do you have any other ISO certifications?
Amberscript’s IT infrastructure is built on data-servers provided by Amazon Web Services, which are certified to the highest standards (including ISO27001). Amberscript as a company is in the process of setting up it’s ISO27001 application and has relevant processes in place to assure quality management and integrity of data.
How do you share files internally or with third parties?
For our manual transcription services, we have developed a secure internal platform to share transcripts that need to be corrected or checked by our transcribers. The files will therefore only be seen by the language experts working on your files and cannot be accessed by employees or other third-parties.
How do you ensure that files are secure when shared with third parties? (e.g. transcribers)
For our manual transcription services, when data is transferred internally for manual transcription or for quality checks, the data never leaves the servers of Amberscript. Only qualified transcribers which are assigned to the specific transcription job can access the data. All transcribers are trained to handle sensitive data with great care and all transcribers signed NDA’s and DPA’s. Traffic to the database is encrypted using SSL and all communication between front end and back end is encrypted using the latest version of TLS.
Who can access the files that I upload?
For our manual transcription services, we have developed a secure internal platform to share transcripts that need to be corrected or checked by our language experts. The files will therefore only be seen by the language experts working on your files and cannot be accessed by other employees or other third-parties.
How long are my files stored?
In order to ensure that you can always access your data, your content stays on our servers during your time as an active user. If you delete your account, all your data will be deleted from our servers within six months unless you delete the data earlier yourself. To delete data earlier, you can delete the transcripts directly from your Amberscript dashboard.
How do you protect my files?
Amberscript takes the following steps to protect your files: we ensure that none of the Amberscript employees, 3rd parties or anyone else has access to your files, with the exception of language experts and quality checkers if you choose your files to be manually perfected. Amberscript’s database and hard-disks are encoded.Traffic to the database is encoded. All communication between frontend and backend is encrypted with the latest version of TLS (currently TLS 1.2). Amberscript creates back-ups of data on an hourly basis. The main server and all back-up servers are synchronized continuously. Files that are added/deleted to the main server will be therefore automatically added/deleted to/from all back-up servers. Users of Amberscript have the right to delete their data from all servers (including back-up servers) at any time. In case of usage of Amberscript’s API, Amberscript can set ‘always delete’ as a default setting so that all data of the client will be automatically deleted after processing. If the customer does not request the deletion of files, the files will be stored for a maximum of 6 months. Data is stored with a leading cloud-provider (AWS) on servers in Germany. The servers are certified according to ISO27001 and ISO9001 standards. Amberscript uses 2-factor authentication for all services wherever possible.