At Halito!, security comes first. We can develop nice features, but if personal data is not stored and processed in a secure way, software is of no use. Our principle is ‘Security by design’.
Security by design
The security of a Software as a Service (SaaS) solution such as Halito! is a continuous process and ensures confidentiality, integrity and availability of applications. Secure software is the result of security-conscious software development processes where we develop software with security as the first priority. The solution for the security of software is much more than just the technology.
Without wishing to provide an exhaustive list of all the measures we take, we would like to show that we take security very seriously.
The solution to software security is much more than just technology. At Halito! we are aware of the full picture.
Security by design in the application
- We develop state-of-the-art according to the secure software development method
- We follow the principles of OWASP Top 10
- Yearly we have a PEN-test and share these results with our customers
- We use Two-Factor Authentication on our platform
- With user management can you manage which user has which access rights
- Personal data is only kept for a limited amount of time
Security by design in the hosting
- The hosting is within the European Union
- Both the application and the event websites are secured with a SSL/TLS-certificate
- We set up the so-called SPF, DKIM and DMARC to correctly send emails from the Halito! platform
- We can set up a dedicated hosting per customer
- On dedicated hosting, we can activate IP whitelisting to access as a user
- Check real-time the status of our application
Security by design in the features
- Importing a guest list is only possible if you indicate that these people have given their permission
- The event communication of Halito! comes standard with a disclaimer and opt-in/out policy so that your relations can subscribe/unsubscribe to e-mail campaigns
- To share a participant list, you need the consent of the participant. Halito! a mandatory opt-in.
Security in the collaboration
- We make clear contractual agreements about the use of the tool
- We only work together if there is a Processing Agreement
- The personal data of invitees and participants remain the property of your organisation
- Responsible Disclosure: contribute to optimal security
GDPR compliant
Halito! sets the bar high when it comes to the protection of personal data. GDPR compliance is a common thread in the application, in the hosting and in the collaboration.
- Comply with European privacy legislation
- No worries about customer data security
- Reliable partner in the protection of personal data
ISO 27001 compliant
Halito! has officially obtained ISO / IEC 27001 : 2013, equivalent to: DIN EN ISO / ICE 27001 : 2017.