English

Autenti, as a provider of trust services, provides them with the utmost care, taking care of data security

illustration@2x

Transparency

We ensure transparency and availability of all information that will help you run your business with the Autenti platform.

Support

We assist in solving technical and functional problems, and we often advise on legal issues.

Security

We store all documents in an encrypted form, we use data encryption protocols within the transmission and best security practices.

Compatibility

with the best standards and legal regulations

The solutions and tools offered by Autenti are used by entities from the supervised sector, i.e. banks, financial institutions and insurance companies. Therefore, additional restrictions and requirements are imposed on us, which we must meet and which are systematically audited by our customers.

In order to meet the highest requirements of our customers, we apply the best practices, such as:

Center for Internet Security (CIS)

ISO/IEC 27001:2017

The Open Web Application Security Project (OWASP)

In addition, we declare compliance with the requirements of: the Act of 1 March 2018 on Counteracting Money Laundering and Financing of Terrorism (i.e. Journal of Laws of 2020, item 971, as amended)

Announcement of the Polish Financial Supervision Authority regarding the processing of information by supervised entities in a public or hybrid cloud of 23 January 2020.

Recommendation of the Polish Financial Supervision Authority regarding the management of information technology and information and communication environment security in banks.

 

Autenti is a trusted partner for conducting responsible business. We build cooperation based on the highest standards and ethical principles.

Security and privacy

We take care of it every day!

We have implemented and we are improving information security management (in accordance with ISO/IEC 27001: 2017). We manage business continuity based on the ISO 22301:2020 standard.

We focus on the highest safety standards using appropriate technical and procedural measures.

 

Autenti Rules

  • access minimization

  • division of roles and responsibilities

  • accountability

  • ensuring competence

  • business continuity

  • scalability and integrity

    Technical security measures

  • data geo-redundancy

  • traffic encryption of separate channels connecting IPsec/SSL/TLS resources

  • data encryption at rest (we use advanced data encryption methods using cipher block chaining technology – CBC, AES 256 bit)

  • data transmission via a channel encrypted with the SSL protocol, in the standard not lower than TLS 1.2.

  • separation of user and signatory data in the area of document signing processes

  • conducting systematic backups, allowing the environment to be reconstructed in accordance with the principle of minimizing data loss

  • logical breakdown of development, QA and production accounts and environments

In the first and second quarters of 2021, we recorded availability of over 99.9%.

At the client's request, we provide technical support (SLA).

 

Personal data protection

  • We operate based on the developed and implemented personal data protection policies, both as an independent controller and a processor.

  • The Data Protection Officer supervises their compliance. Any questions or reservations can be directed to iod@autenti.com

  • We comply with the principle of minimizing and retaining personal data.

  • Only authorized persons have access to personal data. We respect the rules of confidentiality.

  • We process our customers' data related to the use of the Autenti Platform exclusively within the European Economic Area.

  • We cooperate only with experienced, reliable suppliers providing the utmost guarantee for provided services, to whom we entrust the processing of personal data.

  • We apply the principle of privacy by design and privacy by default.

  • You can read about our rules for the processing of personal data in our Privacy Policy.

Autenti is committed to building the ethics of the provided trust service

Corporate Social Responsibility

We implement the principles of business ethics, not only with regard to our customers, but also business partners and employees. We want to create a socially credible business. We shape the long-term development of strategy, also in terms of environmental protection. Our mission is the depaperisation of society, for the economic benefit of our customers and the environment.