We use cookies to make your experience better when visiting our website. By continuing to browse the website, you are agreeing to our use of cookies.

Compliance for increased performance

Operating in a global context, there are laws, standards and regulations we need to comply with. Above and beyond that, we have chosen more demanding standards for the benefit of our clients. As the fast moving world is challenging in itself, we have chosen to commit to high levels of trust, transparency, and regulatory compliance to take questions of security and sustainability of the table. Our services are built from the ground up to address the high security and privacy demands of our clients and their customers. Our clients and stakeholders can also expect a sustainable and responsible business practise.

We have also made sure we do not have to sacrifice speed or business outcome for compliance. We actually believe speed can be increased thanks to a well organized and proficient organization that constantly challenge borders.

Below is an excerpt of current standards and regulations the Centiro Group complies with, and is certified to:

Security / Personal Data Protection

  • ISO/IEC 27001:2013 Information Security
  • ISO/IEC 27017:2015 Cloud Security
  • ISO/IEC 27018:2014 Protection of Personally Identifiable Information
  • ISO/IEC 27032:2012 Cybersecurity
  • ISO 22301:2012 Business Continuity
  • The General Data Protection Regulation (GDPR)

 

Sustainability and Environment

  • ISO 14001:2015 Environmental
  • ISO 50001:2011 Energy
  • ISO/DIS 45001 Occupational Health and Safety [Certificate of compliance in lieu of published standard]

 

The certification body for ISO is PECB.

Privacy commitment

Centiro complies with the EU-U.S. Privacy Shield Framework (https://www.privacyshield.gov/EU-US-Framework) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States as per Centiro Privacy Shield Policy. Centiro has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in Centiro Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.

Centiro commits to comply with the Privacy Shield Principles with respect to the personal data received from our customers and their users in the EEA in connection with the use of the Software as a Service (SaaS) delivery within Centiro, as well as expert services including consultant and support services. We ensure these individuals the right to access their personal data as well as the means to limit the use and disclosure of it. We are subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) and assume liability in cases of onward transfers to third parties.

To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/. Centiro has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU.

In compliance with the Privacy Shield principles, Centiro commits to resolve complaints about our collection or use of your personal information. EU individuals that want to access the Centiro Privacy Shield Policy in its entirety or have inquiries or complaints regarding our Privacy Shield policy should contact Centiro at privacy@centiro.com or

Centiro Solutions Inc.
Attn: Privacy
2 Oliver Street
Suite 305
Boston
Massachusetts 02109
USA