During the data recovery process in our laboratories, we often handle sensitive, confidential files of large companies and very personal customer data.
It is evident that during this process, TicTac Laboratories must maintain absolute security and confidentiality regarding the data it recovers.
Certifications with ISO27001 & ISO9001
IISO/IEC 27001 is the only auditable international standard that specifies the requirements for an Information Security Management System (ISMS).
The standard is designed to ensure the selection of adequate and balanced security controls. This selection helps an organization protect its information assets and earn the trust of stakeholders, especially its customers.
ISO 9001 is the international standard for Quality. The standard defines the requirements according to which a business must operate so that its customers and other interested parties consider the final product and/or service satisfactory.
Cooperation Agreement
To ensure the safety of our customers, a special paragraph in the contract signed between the two parties explicitly mentions the issue of complete confidentiality and data security.
Paragraph 4 of the contract that the customer signs to begin the data diagnosis/recovery process states the following regarding the confidentiality of your data:
The Company provides its services and carries out the examination and/or recovery of data with absolute confidentiality and secrecy regarding the content of the data examined and/or recovered, in compliance with the Law (especially regarding personal data) and obliged to preserve, in any case, the intellectual property rights over the Customer’s data.
TicTac Laboratories is committed to maintaining absolute confidentiality of the client’s personal information and any derivative findings discovered during the contract.
Among the company’s obligations is not to disclose any information to third parties without the client’s written consent.
Employees at TicTac’s laboratories have also signed a contract with severe sanctions to safeguard the personal data of the company’s customers.
In addition, some very specific principles are followed:
- Once a disk is received, it is assigned a unique number to accompany it to the laboratory. This number prevents the technical department employee from knowing the personal information of the customer who brought the disk.
- During data recovery, the client’s files are checked with software for their integrity, and a list of files with folder structure, names, and sizes is delivered to the client. TicTac technicians do not open the files to verify whether they work or not, as this would expose the client’s data. Instead, they deliver the list of files to the client, who must attend the company’s headquarters and check the integrity of the recovered data in a separate area. This way, the client’s data is not exposed to the technical department employees unless the client requests otherwise.
- For security reasons, customers’ data that has completed the data recovery process remains with a second copy at the company for 15 days from the date of shipment to the customer. To ensure the integrity of the data, the customer can follow the shipping instructions and, after verifying their data, contact the company for immediate deletion of the backup copy.
