
Security and Privacy
At muffintech, the security of your data is our top priority. In a world driven by artificial intelligence, we understand how important the protection of personal information is.



Outline
Hosting and data processing in the EU
Automation tool for detecting personal data
Continuous monitoring and threat detection
Data processing and protection measures
Data protection guarantee
Safe AI
Security at muffintech is non-negotiable. We rely on the best technologies and comprehensive measures to protect your data and privacy. Your trust is our highest priority, and we ensure that all users have a safe and reliable experience.
Safe AI – security you can trust
As proof of our commitment, we have appointed Tomas Gan as Chief Information Security Officer (CISO). Through these measures, we ensure compliance with legal and regulatory requirements, while reinforcing the trust of our partners and customers.
Our Information Security Management System (ISMS) is certified according to ISO 27001:2022, and we use continuous audits and monitoring systems to ensure the protection of your data. We identify, assess, and minimize all data protection risks through stringent security controls.
Data protection guarantee
We implement comprehensive Technical and Organizational Measures (TOM) to ensure the security and protection of personal data. Our employees undergo regular training, and compliance with these measures is routinely monitored.
Technical and organizational measures (TOM) in accordance with the GDPR
We maintain detailed records of all processing activities, including risk analyses and Data Protection Impact Assessments (DPIA), to ensure compliance with all data protection requirements. Third parties involved in our data processing are subject to strict contractual agreements.
Documentation of data processing
muffintech strictly adheres to the legal foundations of data processing. New processes are developed with a strong focus on data protection, and we have implemented strict IT usage policies to ensure both data privacy and compliance with AI regulations.
Data protection regulations and AI Act compliance
Our employees are thoroughly trained and committed to adhering to data protection policies, promptly reporting incidents, and participating in regular audits to ensure compliance with data protection regulations.
Internal protective measures
Data processing and protection measures
Our advanced security solutions identify vulnerabilities and threats as they emerge, and respond immediately to protect the integrity of your data. In the event of an incident, we promptly notify both the authorities and the affected individuals if necessary.
Real-time threat detection and prevention
Our systems are active around the clock to detect potential security threats in real time and address them immediately. Thanks to our continuous monitoring processes, we ensure that your data is protected at all times.
24/7 protection for your data
Continuous monitoring and threat detection
All data is hosted on Microsoft Azure servers in Frankfurt, within the EU. We ensure that all data processing complies with the stringent requirements of the GDPR and guarantee that no data is used for model training. Microsoft contractually commits to using the data solely for the purposes agreed upon in the contract.
Hosting and data processing in the EU

Responsible person at muffintech
Tomas Gan is our Managing Director for Operations & Compliance and, as CISO, is responsible for information security, data protection, and ensuring compliance with regulatory requirements. He ensures that all processes meet the highest security standards, leads the ISMS, and was instrumental in the ISO 27001 certification. Furthermore, he drives the compliance strategy in the areas of DORA and the AI Act to prepare our company early for new legal requirements.