At Primerli we are committed to achieving the highest levels of security to protect client data at rest and in transit. We follow an end-to-end approach to data security and privacy with everything from internal processes, external agreements, international regulations such as the GDPRand partners who are certified ISO 27001.
Data protection
All data is hosted by our processor: EasyGenerator, which is certified ISO 27001 and partners with Amazon Web Services. Data centers are physically hosted in Frankfurt, Germany (Central Region). We do not retain any personal data post end of services
Encryption
All business confidential or sensitive data, including client data is encrypted at rest and in transit, in accordance with industry standards, including NIST SP 800-57:
At rest: AES 256
In transit: SSL (TLS 1.2)
Access control
Primerli limits access to confidential data based on the principle of least privilege. In addition, we follow strict process and policies for access control including:
Unique credentials to all personnel
Single-sign-on via Microsoft Azure for authentication to critical applications
Established password criteria and supporting policies
Multi-factor-authentication for all applications and systems that support it
Data backup and recovery
All critical business systems are backed up to the cloud. At Primerli, we require Google Drive for business file storage on employee laptops. Customer data hosted in EasyGenerator is backed up daily and can be recovered within one (1) day.
GDPR
With many of Primerli's top clients being global companies based out of Europe, Primerli has, for many years, been fully GDPR compliant.
All Primerli's subprocessors also have binding GDPR-compliant Data Processing Agreements with us, making the transfer of data between us and them fully secure.
Business continuity and disaster recovery
We have a robust Business continuity plan (BCP) and Disaster recovery plan (DCR) in place, with multi-disaster recovery sites.
Try It Free
What’s included:
Limited access to 1 industry primer
Limited access to a supplemental employee learning assessment