Compliance

Our commitment to enterprise-grade security.

We believe that security is at the heart of any best-in-class solution. It is no secret that security is an important decision criteria for every organization. That is how it should be. As holders of our customers’ most sensitive strategy and corporate data, having high security standards is fundamental.

Our commitment to keeping our customers’ data secure is not something where corners should be cut. That is why we back ourselves with vigorous security and privacy practices that help us protect and secure your business data. If you want to learn more, you’re in the right place.

FAQ

Our compliance and privacy policies and commitments are not developed just to be lengthy, fancy-looking documents, or for legal sakes. We have them, and follow them strictly, because we genuinely care about our customers, their data, results, and security. With Howwe Technologies you can rest assured your security is our top priority, so that you can put your focus where it should be: on achieving your goals. Learn the basics in this Q&A.

Where is data stored?

We use Google Cloud Platform with data centers in the EU (Finland). Our third-party providers are located in the EU (Germany and Ireland) and hosted by Amazon Web Services.

This is a secure and commonly used data storing method that complies with the Schrems II judgment and is used by banks, manufacturing companies and healthcare providers.

What does the legislation say?

According to current legislation within the EU, publicly owned companies must ensure that personal data that is processed is stored within the EU. It is not a legal requirement that all companies that process or store personal data must be based in the EU.

What data is being stored?

All data and any services that hold PII (personally identifiable information) is stored in compliance with GDPR and any customer contracts. Stored data includes personal data of a non-sensitive nature:

  • Name
  • Email
  • Goals and Key Activities
  • Free text comments

Each employee has been trained in personal data handling and is expected to know how personal data is to be handled in the business. The company has also established routines for how personal data is to be protected and handled in the company’s IT systems. The routines include all types of processing and are reviewed and updated continuously.

Have you gone through a compliance or IT/IS audit?

Yes. An audit was carried out by The Legal, Financial and Administrative Services Agency (a framework agreement supplier to authorities such as the Swedish Enforcement Authority). We work with some of the largest banks and pharmaceutical companies in the world and have undertaken vigorous compliance processes to make sure we meet their high demands.

What log-in solution do you use?
  • Single Sign-On with Google and Microsoft 365
  • Username and email
Do you have a dedicated resource and process for compliance and IT/IS?

Yes. We have an appointed person in the management team as well as an internal process for auditing and updating routines and documents, making us fully compatible with legislation at both national and EU level.

What is your uptime?

Over the last 12 months, Howwe has had an uptime of 99.99%.

Do you have routines for handling deviations or incidents affecting customers?

Yes. We have clear procedures and division of responsibilities if an incident were to occur.

Are you ISO certified?

Not yet, but we have implemented policies, routines, a technical safety framework and division of responsibilities that correspond to relevant ISO requirements. ISO certification is continuously evaluated.

More documentation

This Compliance Q&A provides a brief overview of our commitment to high security and privacy standards. These are important and complex subjects and we’re happy to tell you more. You’re also welcome to explore additional compliance documentation below.

Reach out to info@howwe.io if you have additional questions for our Compliance Team.