Information security is about how we handle and store data within the company. Confidentiality, integrity and availability are key principles. Privacy means following data protection principles and safeguarding our customers’ rights in accordance with the Personal Data Act and the GDPR. We are always happy to talk with our customers about how they can use the privacy features available in the event registration system.

Information security for our customers

Large amounts of data can be stored through our cloud-based event registration system. By default, we use servers where data is encrypted at all levels. However, a security breach can take many forms. For example, an exported participant list could end up in the wrong hands, or an unauthorised person could gain access to a login password. As a system provider, we cannot control every possible incident. But we work hard to identify and address any vulnerabilities to help prevent security incidents.

If a security breach occurs at Pindena or at one of our customers, we will immediately take steps to prevent escalation. The customer experiencing the breach must report it to the relevant Data Protection Authority, while we follow our own incident response procedures.

Security is always on our agenda

Security is always on our agenda. Every month, we work on risk assessments and other routines. Management is informed on a quarterly basis, and with every small or large step we take, we improve our security practices. Pindena conducts an internal audit of its information security every year, and an external audit every three years. Customers can request our risk assessment and audit reports at any time.

Well prepared for the future

With a robust management system for information security, we are well prepared to handle incidents. Our employees have extensive knowledge of GDPR, privacy and information security, and take annual courses to stay updated. When the project started in 2019, Heidi Martens-Lea became our Data Protection Officer and Head of Information Security. She received valuable support from Rolf Haavik at Habberstad during this process. You can read more about our journey and how we work with security in an interview with Heidi.

Relato carried out an external audit in 2021, concluding that Pindena is well equipped to maintain strong information security and privacy protection.

New external audit in 2024

Pindena has once again completed an external audit of its information security management system. The audit was carried out by Relato, in collaboration with Isox. After two audits together, we have built a strong working relationship with Relato. They believe that Pindena has a clear competitive advantage thanks to our expertise and compliance with the ISO 27001 standard. This is, of course, very encouraging, and we will continue working hard to maintain our high standards for information security.