As a personal data processor, Parakey is obliged to take technical and organizational security measures to protect personal data and ensure the confidentiality, integrity and availability of Parakey's products and services.ย ย 

This means that Parakey maintains the necessary security, such as encrypted storage and communication, authorization control, as well as the possibility to make registry extracts and delete personal data.ย 

The actions taken by Parakey include, but are not limited to:

Authentication and encryption

All data communication is encrypted towards Parakey's services. To access the service, a personal login with username and password is required.

  • Parakey uses encrypted communication in terms of Secure Sockets Layer (SSL) (SHA 256-bit, RSA 2048-bit). Parakey follows industry standards when it comes to encryption and has the same encryption used when logging in to banks and government agencies.
    โ€
  • The entire login procedure is encrypted, which means that no information is sent as unencrypted text. Passwords are never saved in plain text, but are stored in one-way encrypted format with a standard one-way cipher. This means that neither Parakey nor third parties can decrypt the user's password.
    โ€
  • Parakey has procedures in place to help users detect unauthorized access to their account. By analyzing activity and informing users about events such as changing passwords or the first time the user logs on with a new mobile. The user can then easily choose to block their account and set a new password.
    โ€
  • Parakey monitors and analyzes sign-in attempts to actively protect against brute-force attacks.
    โ€
  • Continuous verification of the user takes place. This means that the logged on user's permissions are checked on all calls to Parakey's servers.
    โ€
  • To reduce the risk of abuse, the number of signed-in sessions in Parakey's smartphone app is limited per user, when the same user signs in to a new device, the old session is automatically logged out. In Parakey's web portal (administrative interface), users can be logged in to most devices at the same time. The user can get a clear overview of all logged-in sessions through their profile page and manually log out the respective session.
    ย 
  • Access to the system is regulated based on role-based permissions, limiting users' access based on their role and place .

โ€

Storage and backups

Parakey's services are operated by Amazon Web Services (AWS). Data storage and management takes place geographically within Europe and the servers are located in data centers that are monitored 24/7.ย 

  • Only approved personnel have access to the data centers.
    โ€
  • The data centers are fully equipped with fire protection and climate systems.
    โ€
  • The data centers are equipped with a secondary power supply system to ensure power supply to the servers.
    โ€
  • Prakey's services are built on a modern hosting platform with multilevel redundancy and scalability.
    โ€
  • Backups are automatically made at predetermined intervals.
    โ€
  • Parakey databases are encrypted to ensure high integrity of stored data.ย  ย 

โ€

Knowledge and information protection

All Parakey staff are bound by a non-disclosure agreement that prevents the dissemination of sensitive information and personal data.

โ€

Status of the service

Parakey works hard to ensure that our systems are available at all hours of the day, 7 days a week. On status.parakey.co you can follow the status of our applications and get information about planned maintenance.