All Hosting Solutions personnel are trained and constantly updated on data processing and access to infrastructure databases. All activities of staff (including external staff) are set out in personal assignment letters subject to non-disclosure and confidentiality agreements (NDA:non-disclosure agreement).
In addition, the priorities and rights of access to data by personnel are reviewed annually and amended if necessary.

The infrastructure of Genesys Informatica s.r.l. has been designed and built to guarantee maximum security, availability and data integrity, as required by the security measures described in the GDPR.
A number of documents have been prepared in order to provide evidence of these security measures, the methods of access to the infrastructure, the controls performed and all the redundancies available. Ad-hoc control measures were implemented to verify the goodness and functionality of the measures adopted.

Real-time monitoring is carried out to assess any security breaches and to notify the supervisory authorities and/or those directly concerned; a detailed register of data processing is also kept in order to be able to analyse and resolve any requests made by data subjects in the exercise of their rights.

A detailed risk analysis was carried out on all company assets (not just personal data) to minimise any kind of risk that might jeopardise security, availability and integrity of data.

Lastly, an assessment of the impact on the processing of personal data of each new service provided has been included as a design requirement.

Genesys Informatica also has a DPO with whom it constantly collaborates to meet the privacy and data protection needs of its customers.