{"id":6413,"date":"2023-03-24T20:13:27","date_gmt":"2023-03-24T20:13:27","guid":{"rendered":"https:\/\/start-placement.com\/?page_id=6413"},"modified":"2025-06-16T03:45:35","modified_gmt":"2025-06-16T03:45:35","slug":"data-protection-standards","status":"publish","type":"page","link":"https:\/\/start-placement.com\/en\/data-protection-standards\/","title":{"rendered":"Data protection standards"},"content":{"rendered":"<p>[et_pb_section fb_built=&#8221;1&#8243; theme_builder_area=&#8221;post_content&#8221; _builder_version=&#8221;4.27.4&#8243; _module_preset=&#8221;default&#8221;][et_pb_row _builder_version=&#8221;4.27.3&#8243; _module_preset=&#8221;default&#8221; custom_margin=&#8221;||||false|false&#8221; custom_padding=&#8221;0px||||false|false&#8221; locked=&#8221;off&#8221; global_colors_info=&#8221;{}&#8221; theme_builder_area=&#8221;post_content&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;4.27.0&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221; theme_builder_area=&#8221;post_content&#8221;][et_pb_text _builder_version=&#8221;4.27.4&#8243; _module_preset=&#8221;default&#8221; header_text_color=&#8221;#FFFFFF&#8221; header_2_font=&#8221;ABC Sans Regular||||||||&#8221; header_2_text_color=&#8221;#FFFFFF&#8221; header_2_font_size=&#8221;40px&#8221; background_enable_color=&#8221;off&#8221; use_background_color_gradient=&#8221;on&#8221; background_color_gradient_direction=&#8221;172deg&#8221; background_color_gradient_stops=&#8221;#00637d 0%|rgba(255,255,255,0) 55%&#8221; background_color_gradient_overlays_image=&#8221;on&#8221; background_image=&#8221;https:\/\/start-placement.com\/wp-content\/uploads\/declare.jpg&#8221; background_position=&#8221;top_center&#8221; background_vertical_offset=&#8221;27%&#8221; background_blend=&#8221;multiply&#8221; height=&#8221;250px&#8221; custom_margin=&#8221;||30px||false|false&#8221; custom_margin_tablet=&#8221;||20px||false|false&#8221; custom_margin_phone=&#8221;||||false|false&#8221; custom_margin_last_edited=&#8221;on|tablet&#8221; custom_padding=&#8221;20px|15px||20px|false|false&#8221; hover_enabled=&#8221;0&#8243; header_2_font_size_tablet=&#8221;36px&#8221; header_2_font_size_phone=&#8221;30px&#8221; header_2_font_size_last_edited=&#8221;on|phone&#8221; global_colors_info=&#8221;{}&#8221; theme_builder_area=&#8221;post_content&#8221; sticky_enabled=&#8221;0&#8243;]<\/p>\n<h1>Our data protection standards<\/h1>\n<p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=&#8221;4.27.4&#8243; _module_preset=&#8221;default&#8221; theme_builder_area=&#8221;post_content&#8221; column_structure=&#8221;2_3,1_3&#8243;][et_pb_column _builder_version=&#8221;4.27.4&#8243; _module_preset=&#8221;default&#8221; type=&#8221;2_3&#8243; theme_builder_area=&#8221;post_content&#8221;][et_pb_text _builder_version=&#8221;4.27.4&#8243; _module_preset=&#8221;default&#8221; theme_builder_area=&#8221;post_content&#8221; hover_enabled=&#8221;0&#8243; sticky_enabled=&#8221;0&#8243;]<\/p>\n<h3>Basic<\/h3>\n<p>We ensure the implementation of and compliance with the required technical and organisational measures in accordance with \u00a7 32 DSGVO. These include measures to ensure the ongoing confidentiality, availability and resilience of data processing systems and services. Appropriate technical and organisational measures include, for example, the encryption of personal data and strict access control.<\/p>\n<h3>Data Protection Officer<\/h3>\n<p>The data protection officer of Startcon GmbH is Peder Iblher. He can be contacted at datenschutz@startcon.berlin for your concerns.<\/p>\n<h3>Documentation and auditing<\/h3>\n<p>We use procedures and documentation that provide for regular auditing, assessment and evaluation of the effectiveness of the technical and organisational measures implemented to ensure the security of data processing.<\/p>\n<h3>Training<\/h3>\n<p>We conduct training on data protection and data security on a bi-annual basis.<\/p>\n<h3>Physical access to servers<\/h3>\n<p>Physical access to servers is provided by our cloud service provider. Its servers are located within the EU.<\/p>\n<h3>Physical access to data carriers<\/h3>\n<p>Data media is also only stored in secure locations where strong physical access controls are in place.<\/p>\n<h3>Storage<\/h3>\n<p>\u2013 Access to all customer services and data is protected by identity management.\u00a0This includes an authorisation concept and strong authentication measures in line with corporate standards. \u2013 All access rights and authorisations for users of the data processing systems are checked and recertified once a year; highly privileged access rights are recertified at least once every six months.<\/p>\n<h3>Users, Workplace Policy<\/h3>\n<p>\u2013 Unsuccessful access attempts are regularly evaluated. \u2013 All servers and workstations have proper security configurations and are continuously checked for vulnerabilities.\u00a0Any vulnerabilities identified are addressed accordingly. \u2013 All services and workstations require a username and password that complies with our password policy: \u2013 All passwords contain upper and lower case letters, special characters and numbers and have at least twelve digits. \u2013 Passwords must not be shared with anyone. All passwords are to be treated as sensitive, confidential information. \u2013 Standard passwords shall not be used or shall be changed immediately. \u2013 All operator-level passwords must be changed at least once every six months. In the case of critical access authorisation, the change must be made once every quarter.<\/p>\n<h3>Data access<\/h3>\n<p>We ensure that our authorised staff and consultants only access data to which their access authorisation applies: \u2013 Access to resources is only granted if the person in question is authorised to access them. \u2013 User access permissions to systems and data, including supervisor set-up and granting of access rights, are requested, changed or revoked as part of a predefined workflow. \u2013 A user account is exclusively assigned to a specific user. \u2013 All users are assigned to specific groups.<\/p>\n<h3>Data sharing<\/h3>\n<p>We ensure that personal data can be verified and confirmed when it is intended to be shared and the parties concerned have provided or submitted their personal data for this purpose. \u2013 All staff are responsible for ensuring that data is communicated only when \u2013 this is done using predefined communication technologies \u2013 a clear lawful or business purpose is pursued \u2013 the relevant staff member has signed a confidentiality agreement accepting responsibility for the protection of data \u2013 this is in accordance with existing confidentiality agreements \u2013 the recipient is authorised to receive the data \u2013 this does not violate the security principles explained during the security training. \u2013 Persons with administrative duties are authorised to communicate directly with servers or applications if \u2013 the connection is secured by strong encryption \u2013 the authenticity of the server or application has been verified. \u2013 Communication of data to employees of non-clients or companies is only permitted if the party concerned can guarantee the security of the data sent. \u2013 The IT infrastructure is protected against unauthorised electronic forwarding by firewalls. \u2013 The IT infrastructure is protected by disabling ports that are not required and by transport protocols.<\/p>\n<h3>Data processing<\/h3>\n<p>We ensure that it is possible to trace whether and by whom personal data have been entered into the data processing systems and whether and by whom these personal data have been changed or deleted. \u2013 The data processing systems can only be used if the users have previously undergone strong identification and authentication controls. \u2013 A backup and retention policy is in place that defines the procedures for data backups and secure data storage during the retention period.<\/p>\n<h3>Transport<\/h3>\n<p>We ensure that the confidentiality and integrity of data is protected during the transmission of personal data and during the transport of data media: \u2013 Policies and procedures are in place to ensure that \u2013 data sent over public networks is encrypted using strong encryption and valid and correct certificates that are tested at least once a quarter \u2013 all authentication data is encrypted, \u2013 all staff and partners are aware of their responsibilities. \u2013 There is no communication of data in physical form (USB sticks, CDs, etc.).<\/p>\n<h3>Reliability<\/h3>\n<p>We ensure that all functions of the data processing systems are operational and that incidents affecting them are reported by: \u2013 procedures to be applied by an incident management officer, including provisions for escalation procedures and a call tree \u2013 Incident management procedures \u2013 Security Information and Event Management (SIEM) procedures for security breaches, information loss, unauthorised disclosure and other emergencies \u2013 standardised change management and testing procedures to ensure service delivery without interruptions.<\/p>\n<h3>Data integrity<\/h3>\n<p>We ensure that stored personal data is not corrupted by system malfunctions through: \u2013 having a redundant data centre infrastructure and a failsafe data centre \u2013 the use of database management techniques that allow for the recovery of data in the event of system malfunctions.<\/p>\n<h3>Data processing mandate<\/h3>\n<p>We ensure that personal data can only be processed in accordance with our instructions and those of our clients by: \u2013 regulating all orders for the processing of personal data in written contracts \u2013 regulating the basic requirements regarding liability, assignment of responsibilities, security requirements and measures, and control rights \u2013 assisting contracting authorities in the exercise of their supervisory rights \u2013 supporting our clients\u2019 data protection officers \u2013 verifying compliance with contractual obligations.<\/p>\n<h3>Availability<\/h3>\n<p>We ensure that personal data is protected against accidental destruction or loss through business continuity and disaster recovery rules based on a business impact analysis (BIA). Our business impact analysis includes the following: \u2013 the definition of the scope of the assets and an identification of the assets included in that scope \u2013 An identification of the existing or planned IT assets, data and control flows and their respective status. \u2013 an identification of the threats presented, the types of threats and their sources \u2013 an assessment of the impact that a loss of confidentiality, integrity, authenticity or availability could have \u2013 derived protective measures in the event of such an impact. Our Data Protection Centre has implemented appropriate environmental controls, including: \u2013 automatic fire detection mechanisms \u2013 Protective measures against water damage \u2013 Uninterruptible power supply (UPS) units \u2013 Climate and temperature controls \u2013 Monitoring of the environmental conditions of the servers. We ensure that data collected for different purposes is processed separately: \u2013 Separate data processing for different clients \u2013 Access to processing systems only after strong identification and authentication controls are in place for our personnel \u2013 Performance of functional and non-functional tests \u2013 A standardised procedure for error management.<\/p>\n<p>Berlin in May 2020<\/p>\n<p>[\/et_pb_text][\/et_pb_column][et_pb_column _builder_version=&#8221;4.27.4&#8243; _module_preset=&#8221;default&#8221; type=&#8221;1_3&#8243; theme_builder_area=&#8221;post_content&#8221;][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Our data protection standardsBasic We ensure the implementation of and compliance with the required technical and organisational measures in accordance with \u00a7 32 DSGVO. These include measures to ensure the ongoing confidentiality, availability and resilience of data processing systems and services. Appropriate technical and organisational measures include, for example, the encryption of personal data and [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":0,"parent":0,"menu_order":83,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"","_et_gb_content_width":"","inline_featured_image":false,"footnotes":""},"class_list":["post-6413","page","type-page","status-publish","hentry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.9 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Data protection standards - Start Placement<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/start-relocation.com\/en\/data-protection-standards\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Data protection standards - Start Placement\" \/>\n<meta property=\"og:description\" content=\"Our data protection standardsBasic We ensure the implementation of and compliance with the required technical and organisational measures in accordance with \u00a7 32 DSGVO. These include measures to ensure the ongoing confidentiality, availability and resilience of data processing systems and services. Appropriate technical and organisational measures include, for example, the encryption of personal data and [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/start-relocation.com\/en\/data-protection-standards\/\" \/>\n<meta property=\"og:site_name\" content=\"Start Placement\" \/>\n<meta property=\"article:modified_time\" content=\"2025-06-16T03:45:35+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/start-placement.com\\\/en\\\/data-protection-standards\\\/\",\"url\":\"https:\\\/\\\/start-relocation.com\\\/en\\\/data-protection-standards\\\/\",\"name\":\"Data protection standards - Start Placement\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/start-placement.com\\\/en\\\/#website\"},\"datePublished\":\"2023-03-24T20:13:27+00:00\",\"dateModified\":\"2025-06-16T03:45:35+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/start-relocation.com\\\/en\\\/data-protection-standards\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/start-relocation.com\\\/en\\\/data-protection-standards\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/start-relocation.com\\\/en\\\/data-protection-standards\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Startseite\",\"item\":\"https:\\\/\\\/start-placement.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Data protection standards\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/start-placement.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/start-placement.com\\\/en\\\/\",\"name\":\"Start Placement\",\"description\":\"Vermittlung und Integration internationaler Pflegefachkr\u00e4fte\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/start-placement.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Data protection standards - Start Placement","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/start-relocation.com\/en\/data-protection-standards\/","og_locale":"en_US","og_type":"article","og_title":"Data protection standards - Start Placement","og_description":"Our data protection standardsBasic We ensure the implementation of and compliance with the required technical and organisational measures in accordance with \u00a7 32 DSGVO. These include measures to ensure the ongoing confidentiality, availability and resilience of data processing systems and services. Appropriate technical and organisational measures include, for example, the encryption of personal data and [&hellip;]","og_url":"https:\/\/start-relocation.com\/en\/data-protection-standards\/","og_site_name":"Start Placement","article_modified_time":"2025-06-16T03:45:35+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/start-placement.com\/en\/data-protection-standards\/","url":"https:\/\/start-relocation.com\/en\/data-protection-standards\/","name":"Data protection standards - Start Placement","isPartOf":{"@id":"https:\/\/start-placement.com\/en\/#website"},"datePublished":"2023-03-24T20:13:27+00:00","dateModified":"2025-06-16T03:45:35+00:00","breadcrumb":{"@id":"https:\/\/start-relocation.com\/en\/data-protection-standards\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/start-relocation.com\/en\/data-protection-standards\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/start-relocation.com\/en\/data-protection-standards\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Startseite","item":"https:\/\/start-placement.com\/en\/"},{"@type":"ListItem","position":2,"name":"Data protection standards"}]},{"@type":"WebSite","@id":"https:\/\/start-placement.com\/en\/#website","url":"https:\/\/start-placement.com\/en\/","name":"Start Placement","description":"Vermittlung und Integration internationaler Pflegefachkr\u00e4fte","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/start-placement.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/start-placement.com\/en\/wp-json\/wp\/v2\/pages\/6413","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/start-placement.com\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/start-placement.com\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/start-placement.com\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/start-placement.com\/en\/wp-json\/wp\/v2\/comments?post=6413"}],"version-history":[{"count":11,"href":"https:\/\/start-placement.com\/en\/wp-json\/wp\/v2\/pages\/6413\/revisions"}],"predecessor-version":[{"id":11330,"href":"https:\/\/start-placement.com\/en\/wp-json\/wp\/v2\/pages\/6413\/revisions\/11330"}],"wp:attachment":[{"href":"https:\/\/start-placement.com\/en\/wp-json\/wp\/v2\/media?parent=6413"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}