This website uses cookies and technologies from third-party companies that require your consent to integrate certain functionalities. By clicking the "Accept All" button, you agree to activate these functionalities. Upon your consent, we and the respective third-party companies will process your personal data for various purposes. You may withdraw your consent at any time. For detailed information on the purposes, legal bases, and third-party companies involved, please refer to our privacy policy.

View Privacy Policy
Accept All
Reject
```

Information Security Policy

Protecting personal and customer confidential information is our top priority. For the sake of our customers, our business ethics and values, we don’t compromise or cut corners when it comes to data security. As part of that commitment, we, Tanso employees and top management, operate with the utmost transparency, and continuously improve of our information security management system. The following overview provides a high-level look at the ever-evolving security practices we have in place.

Protect the Company’s informational and IT assets

Protect the Company’s informational and IT assets including but not limited to all computers, mobile devices, networking equipment, software, and sensitive data against all internal, external, deliberate, or accidental threats and to mitigate the risks associated with the theft, loss, misuse, damage or abuse of these systems.

Protection against unauthorized access

Users shall only have access to resources that they have been specifically authorized to access. The allocation of privileges shall be strictly controlled and reviewed regularly.

Protect confidentiality of information

When we talk about confidentiality of information, we are talking about protecting the information from disclosure to unauthorized parties.

Maintaining integrity of information

Integrity of information refers to protecting information from being modified by unauthorized parties.

Ensuring availability of information

Availability of information refers to ensuring that authorized parties can access the information when needed.

Compliance with legal requirements

Comply with and, wherever possible, exceed, national legislative and regulatory requirements, standards, and best practices.

Develop, maintain and test business continuity plans

Ensure we stay on course despite all obstacles that we may come across. It is about “keeping calm and carrying on!”

Raise awareness of information security

Make information security training available for all employees. Security awareness and targeted training shall be conducted consistently, security responsibilities reflected in job descriptions, and compliance with security requirements shall be expected and accepted as a part of our culture.

Protection of whistleblowers

Ensure that no action will be taken against any employee who discloses an information security concern through reporting or in direct contact with Information Security Management Leader, unless such disclosure indicates, beyond any reasonable doubt, an illegal act, gross negligence, or a repetitive deliberate or willful disregard for regulations or procedures.

Reporting of security breaches

Report all actual or suspected information security breaches to infosec@tanso.de

ISO 27001 certificate

For download