What is security information & certificates?
Documentation of the security measures and practices Afterbuy has in place when handling personal data.
Why and how should I assess this?
When sharing personal data, it is essential to use vendors that can provide sufficient guarantees that their processing activities will meet the requirements of the GDPR.
Proper security is fundamental if sensitive data is processed or personal data is transferred outside the EU.
Things to look out for when choosing a vendor:
-
Industry best practices, certificates, and standards (such as ISO 27001 and the SOC II standard)
-
Statements about encryption
-
Statements about auditing