This document describes the technical and organizational security measures as well as the controls implemented by bsport in order to protect personal data and to ensure the confidentiality, integrity and availability of bsport products and services at all times.
This document is an overview of the technical and organizational security measures of bsport. The details on the implemented measures are available by following the links in this document. **We reserve the right to revise these technical and organizational measures at any time, without notice, provided that such revisions do not substantially reduce or weaken the protection afforded to personal data used by bsport in the provision of its solutions. In the unlikely event that bsport substantially reduces its level of security, bsport will notify its customers.
bsport implements the following technical and organizational security measures to protect personal data.
bsport employs security and confidentiality professionals. These experts have been recruited for their specialty. Their objective is to manage the company's defense systems, develop security review processes, design the security infrastructure, and implement bsport's ****security policies. Bsport also employs lawyers, regulatory compliance experts and public policy specialists who ensure the company's compliance with confidentiality and security requiremts. These teams interact with clients, industry stakeholders and regulatory authorities to design our services to meet the compliance needs of companies
Our terms and conditions for data processing for bsport clearly define our commitments to customers regarding privacy. We make them evolve regularly according to the comments of our customers and the regulatory bodies. We will update them at least once a year if comment to ensure their conformity with the modifications induced by the RGPD.
All data entered by a customer and its users into our systems will be processed in accordance with the customer's instructions as described in our data processing agreements.
bsport directly performs the majority of the data processing activities necessary to provide the bsport ervices. However, we also employ third-party vendors to help us provide these services. Each of them undergoes a rigorous selection process to ensure that they have the required technical expertise and are able to provide the appropriate level of security and confidentiality. You can consult the information on bsport's service providers managing its services, as well as on the third-party service providers participating in them.
According to the GDPR, the data controller and the processing provider must implement the necessary technical and organizational measures to ensure a level of protection appropriate to the risk involved. bsport uses AWS a global infrastructure designed to ensure a state-of-the-art level of security throughout the entire information processing life cycle. This infrastructure is designed to ensure the security and confidentiality of our services at all levels: deployment, data storage with end-user privacy shields, communications between services and with clients over the Internet, and operations performed by administrators.
AWS has designed the security of its infrastructure in layers: physical security of data centers, hardware and software protections, and processes used to support operational security. This layered protection creates a strong foundation of security for all our operations. To learn more about its security and infrastructure, read its dedicated website :
https://aws.amazon.com/compliance/security-by-design/?nc1=h_ls
Moreover, during the design phase, the bsport teams integrate the RGPD component in the specification phase (identification of risks on the data collected), architecture (securing flows, storage and backups) and regulatory verification (consent, notification, withdrawal).
To guarantee the security of sensitive data, all of our services are hosted on separate environments: