Information Security and Data Protection

In times of rapid digital transformation and risks, responsible handling of your data and information is obligatory, not optional.

Information security is a key requirement in times of industrial espionage and increasing digitalization of the business world. Put your faith in us in this challenging environment – we are conscious of this enormous responsibility, and not only since the introduction of the General Data Protection Regulation (GDPR). Hardly any other industry depends on information as much as ours, and every single day our clients send us vast numbers of documents, many of which contain information that has not yet been published. Strict non-disclosure agreements with all of our team members and translators are therefore just the beginning. In preparation for introducing an information security system, we were audited on the relevant ISO 9001 and ISO 27001 stipulations in early 2015. From this we identified numerous measures that have been prioritized and worked through. It is important to note that information security is not only a matter of securely exchanging data, but it is also about a comprehensive security concept. The criteria include:

• Suitability of rooms (access, fire alarm, protected zone concept, etc.)
• Visitor regulations
• Non-disclosure agreements with all external suppliers (not just translators)
• Technical-organizational measures according to the current state of the art

We work in accordance with ISO 27001, the international standard for information security. For this reason alone, adherence to certain processes is a matter of course for us. We also fulfill many other information security requirements. In 2015 in particular, we were audited according to the strict security standards of the VDA (German Association of the Automotive Industry). We are happy to advise you on which requirements apply to your projects. This includes classifying your content according to different security levels (e.g., public, internal, confidential) and processes for editing different categories of content.

Our information security office manages an information security management system centrally according to ISO 27001 and is responsible for the following tasks:

• Acting as a central point of contact for any security questions
• Close cooperation with management and IT
• Consultancy
• Conducting training and refresher workshops
• Conducting internal audits
• Regular participation in further training

In addition to technical security measures, raising awareness among our team members is also top priority. The human factor plays a key role in the field of information security, and for this reason, it goes without saying that our team members receive regular training.