Tresorit as an organisation implements multiple measures to protect customer data and remain compliant with regulatory frameworks.
GDPR Recital 78 states that “In order to be able to demonstrate compliance with this Regulation, the controller should adopt internal policies and implement measures which meet in particular the principles of data protection by design and data protection by default.
When developing, designing, selecting and using applications, services and products that are based on the processing of personal data or process personal data to fulfil their task, producers of the products, services and applications should be encouraged to take into account the right to data protection when developing and designing such products, services and applications and, with due regard to the state of the art, to make sure that controllers and processors are able to fulfil their data protection obligations.”
Technical Measures in the Tresorit Product:
The Tresorit service is an online service that is unique in the industry due to the fact that it is secure by design in contrast to other services that maintain a patchwork of security features around their product that can break at any time due to a misconfiguration, error or software bug. In our Secure file sharing and sync by design eBook and Tresorit Encryption Whitepaper we explain how client-side encryption guarantees that not even Tresorit employees are able to access the Encrypted Content from the files users upload to the service.
Organisational Measures:
Tresorit is based on the principle that privacy is a fundamental human right of individuals. Data security is not just a top priority for us, but it is our mission. We invest significant resources in implementing the best solutions and practices to ensure the highest security level for our Customers’ ‘Company Personal Data’ during our business relationship. Our Security Measures for Company Personal Data document contains information about the security measures that are implemented by Tresorit to comply with technical and organisational specifications according to Art. 32 of General Data Protection Regulation (GDPR).
Tresorit is committed in maintaining a strong and effective Information Security Management System that is audited against ISO 27001 annually.
Confidentiality and Ease of use:
At Tresorit we are confident that there is no other online service that is more appropriate to store and share confidential and top-secret corporate documents due to the superior security and ease of use the Tresorit service has.