Table of contents
Introduction
The Jimdo GmbH (hereinafter referred to as "Jimdo" or the Processor) has implemented appropriate technical and organisational measures, as generally described below, to ensure the protection of personal data processed within the scope of the Jimdo Data Processing Agreement for the Jimdo Customer (hereinafter referred to as the "Customer" or "Controller"). To ensure the appropriateness of the measures taken, the measures are continuously adapted to the types of processing, scope, context, categories of personal data, the cost of implementation, the purposes of the processing as well as the risks, which can be of varying probability and severity.
The Gatekeepers
The Jimdo security team leads the facilitation and development of the procedures, processes and controls that govern the confidentiality, security and integrity of personal data processing via the Jimdo platform.
The Platform
Jimdo leverages leading data center and cloud service providers to house our cloud infrastructure. Jimdo hosts its services on leading data center and cloud service providers, namely the cloud-based data centers of Amazon Web Services (AWS). The specific AWS data centers used by Jimdo are located within the European Union. Extensive information on the industry leading AWS security practices can be found on the AWS security page.
The Overview
An overview of the general technical and organisational measures implemented by Jimdo to ensure a level of security appropriate to the risk are described below:
1. Confidentiality
1.1 Access Control
The following measures have been taken to prevent unauthorised entry to the data processing facilities in which personal data is processed ( so called "Entry Controls").
- Office Security: The Jimdo offices are locked day and night, are secured with electronic locking systems and only authorized persons have access to the office buildings.
- A physical Access Authorisation Management System has been implemented to ensure authorisations are always up to date and that keys are distributed in a secure and organized manner. Only authorised persons have corresponding electronic keys. The physical access authorisation management system governs the issue and/or withdrawal of entry permissions to premises both at the start and end of an employment relationship. Entry permissions are only issued to an employee when legitimately requested by relevant senior personnel. The principle of necessity is applied in the allocation of permissions.
- Personal Data on site: All personal data stored for the Jimdo customer at the Jimdo office premises is stored in suitably locked offices with restricted access rights, exclusively administered by appointed administrators. Jimdo restricts the amount of personal data stored on site.
- Database Security: Jimdo services are hosted on AWS cloud-based data centers. AWS satisfies the requirements of the Tier 3 Standards, maintaining industry-standard security certifications, including: ISO 27001, ISO 27017, ISO 27018, SOC 1, SOC 2, SOC 3 and are equipped with suitable access control mechanisms and precautions. More info on AWS security can be found at the AWS security page.
- Visitor Policy: The Visitor Policy implemented by Jimdo ensures that Visitors are only permitted to enter the office premises once the main doors are opened by Reception. The Reception Team monitors the entry door at all times and ensures that each visitor reports directly to the reception. Each visitor is recorded in a visitors' log and is accompanied to their respective contact by a member of the Reception Team. All Visitors are accompanied by a Jimdo employee at all times, and are also required to wear a visible lanyard clearly identifying them as a visitor. Data protection and information security policies for external personnel and for accompanying guests are communicated throughout the office.
1.2 System Access Control
The following measures have been taken to prevent use of the data processing systems by unauthorised third parties:
- Access Control: Access to systems is governed by an access control policy.
- The Jimdo Access Authorisation Policy describes Jimdo's role-based authorisation concept, which enables differentiated allocation of access authorisations, ensuring that employees receive access rights to applications and data depending on their respective area of responsibility.
- This Policy also covers changes and removal of access rights, for example due to role changes or termination of employment. Orders relating to access rights always require the explicit approval of a manager.Jimdo applies the principle of least privilege.
- Requests related to access rights follow established processes and are registered in a ticket management system. This enables traceability of the execution including approvals. The access rights related activities (addition, change, removal and review) are carried out by trained administrative staff. Only a limited number of personnel are authorised to carry out these activities.
- Password Control, Multi Factor Authentication, Application Security: Password management software is utilized by Jimdo to ensure passwords meet complexity requirements. Jimdo's Password Policies mandate multi-factor authentication, where technically possible. All passwords are stored in encrypted form. This includes Staff accounts, service accounts, and all Jimdo customer passwords.
- All essential and fundamental systems are secured with multi-factor authentication. Those systems can only be accessed via a VPN connection.
- Jimdo monitors, detects, and blocks incoming attacks on our web application platform. Regular pen testing is performed on the Jimdo platform, the results of which are analyzed and remediated (as appropriate) by our engineering and security teams.
- Remote Access Controls: Remote access to Jimdo's IT systems, that process personal data, requires connection via encrypted VPN. When working remotely, all employees are required to adhere to the Jimdo Remote Working Policy which mandates (among other things), the locking of computers when leaving them unattended.
- Mobile Device Management: The Mobile Device Management Policy ensures that Mobile Devices are always to be locked with a passcode, including company phones, tablets and notebooks, which are enrolled on the Mobile Device Management software.
- Production Systems: Access to all Jimdo production systems within the Amazon Web Services (AWS) environment requires authentication and authorisation. Account permissions are designated using the concept of least privilege, with enforced role-based access control. Administrative access requires VPN and multi-factor authentication and is restricted to limited personnel only.
- Security Updates: All server and Controller systems are regularly updated with security updates.
1.3 Data Access Control
The following measures have been taken to guarantee that persons authorised to utilise a data processing system solely have access to the data within their authorisation remit, and that personal data cannot be read, copied, amended or removed by unauthorised persons during processing, utilisation and/or after storage.
The Jimdo Customers' Responsibilities:
- It is the Customer's responsibility to establish suitable access control for the data they store within the Jimdo platform for the duration of the contract.
- The Jimdo Platform enforces a strong password policy for all customer account passwords.
- As emphasized in the Jimdo Terms of Service, the Jimdo Customer is required to maintain strict confidentiality regarding all login data, identification, and passwords in order to prevent third parties from accessing their login data. The sharing of customer login credentials for the Jimdo platform is strictly prohibited.
Access and Authentification
The Jimdo Access & Authentication Policies apply to systems that Jimdo manages and maintains. The policies address control processes that include, but are not limited to: account provisioning / decommissioning, authentication, privileged account management, user identification, access logging and monitoring. Employees must have a corresponding access authorisation to gain access to IT systems. The policies describes Jimdo's role-based access control, based on least-privilege principle ensuring employees only receive access rights to applications and data depending on their respective role & function. Corresponding employee authorisations are issued by administrators.
Access Log Management: Jimdo has implemented access log management i.e. we collect, alert, review, and retain access logs of events that could help detect, understand, or recover from any potential security incident.
Appropriate Data Disposal
A Data Disposal Policy is enforced by Jimdo. This policy specifies that data carriers and paper are to be destroyed by a service provider that guarantees destruction in accordance with DIN 66399.
All employees of Jimdo are instructed to dispose of information containing personal data and/or information about projects in the designated destruction receptacles located within the Jimdo offices.
Appropriate Software
Jimdo applies a vigorous 3rd party vendor management process, which includes thorough Data Protection and Security Assessments, for any new software / service being considered that may process personal data. This Process ensures only Jimdo sanctioned software is in use by Employees.
1.4 Separation
The following measures guarantee that the data collected for different purposes is stored separately and can be processed separately:
Logical Controller Separation:
- All IT systems that Jimdo uses to process personal data relating to the Customer and the Jimdo services they utilize are equipped with a logical controller separation, which guarantees the separation of the data from data processed for other purposes.
- As a rule, data with various processing purposes is processed and/or stored separately.
- Access Authorisation: A framework of graduated access authorisations in accordance with the aforementioned Access and Authorisation Policies is established and implemented by all employees, in particular in the technical (administration), support, domain management and customer accounting departments.
- The Customers' Responsibilities: It is the Customer's responsibility to ensure the separation of personal data pertaining to their use of the Jimdo services, processed via or on the Jimdo platform.
1.5 Pseudonymisation & Encryption
The following measures guarantee that personal data is processed in such a way that the data can no longer be attributed to a specific data subject without additional information, insofar as this additional information is stored separately and is subject to corresponding technical and organisational measures.
Encryption:
- Jimdo implements SSL certificates to encrypt data in-transit between website end users and customer domains. Jimdo offers HTTP Strict Transport Security which encrypts the content and only allows Jimdo customer websites to be accessed via HTTPS.
- Administrative access to server systems is provided via encrypted connections. Furthermore, data on Jimdo servers and systems is exclusively stored on encrypted data carriers. Corresponding hard drive encryption systems are employed.
- The Customers' Responsibility: It is the Customer's responsibility to encrypt their data processed/saved on and via the Jimdo platform, using suitable technology (software).
Pseudonymisation
- The Customers' Responsibility: It is the Customer's responsibility to pseudonymise the personal data which is processed by Jimdo on the Customers behalf, e.g. saved on and via the Jimdo platform, where required by law.
2. Integrity
2.1 Data Entry control
The following measures are implemented in order to monitor, review and establish whether and by whom personal data has been entered, amended or removed from data processing systems:
Access Log Management:
- General access logs: Jimdo has implemented access log management i.e. we collect, alert, review, and retain access logs of events that could help detect, understand, or recover from any potential security incident.
- Customer logs: Jimdo only logs personal data entries and amendments by customers and documents the time and the individual, where stipulated in additional instruction (as determined in the Jimdo DPA), which must be submitted in writing and independant to the website administration area.
- If Jimdo must remove information or block access to information on legal grounds (e.g. in cases where the customer uses telemedia services and/or electronic communication services retained for third parties on the IT systems), the blocks are logged. The logged data is stored and includes the employee identification. Deletion takes place automatically after the end of the Agreement and/or as determined by the JImdo Terms of Service and the Jimdo User's associated actions, and is logged.
The Customers' Responsibility:
- The Customer is responsible for their input of personal data into the Jimdo platform.
2.2 Data Transmission Control
The following measures guarantee that personal data cannot be read, copied, amended or removed by unauthorised persons during electronic transmission, or during its transport or storage on data carriers, and that it is possible to examine and establish where personal data is to be transmitted by data transmission equipment.
Encryption:
- In accordance with the respective Jimdo policy, only encrypted connections(and VPN) are used for the administration of databases.
- SSL/TLS encryptions via the Jimdo platform ensures the confidentiality of any data in transit remains intact, preventing unauthorised access.
Employee Training and Sensitization:
- All Employees working on a customer project or with customer data are regularly and appropriately instructed on the permissible use of data and the appropriate methods of transmitting data.
- All Employees are regularly trained in data protection and Information Security. All employees have an obligation to ensure the confidentiality, integrity and availability of data is maintained.
3. Availability and Resilience
The following measures guarantee that the data processing system functions appropriately at all times and that personal data is protected against accidental destruction and loss.
The Data Centres:
- The data centres used by Jimdo are equipped with an uninterruptible power supply (UPS), air-conditioned server rooms, temperature and moisture monitoring equipment in server rooms, fire and smoke alarms, alarm and security systems.
- A comprehensive fire and early warning system is in use.
- Solutions have been implemented that are designed to protect against and mitigate effects of DDoS attacks.
- Backup: Jimdo enforces an appropriate backup policy for all data.
Emergency and Recovery:
- Jimdo has implemented and disseminated an emergency plan, which also includes a recovery plan.
- The Jimdo Emergency and Recovery Plans are tested periodically. Results of testing are leveraged to improve plans where necessary.
4. Procedure for Regular Review, Assessment and Evaluation
These Measures describe the procedure for the regular review, assessment and evaluation of the efficacy of technical and organisational measures to guarantee data protection-compliant processing.
4.1 Data Protection Management
Data Protection Management:
- Jimdo has implemented a data protection management system. Policies on data protection and data security, as well as processes to guarantee the implementation of the policy objectives, are in place.
Data Protection Officer:
- Jimdo has appointed a Data Protection Officer, who together with the Security and Legal Teams ensures the application of these technical and organizational measures. The DPO can be contacted via the contact details listed in the Jimdo Privacy Policy.
The Security Team:
- A Security Team is established which plans, implements, evaluates and updates measures to protect personal data protection and ensure information security. The Security Team is supported by the Legal Team and the Data Protection Officer.
Continuous Monitoring and Reviewing:
- The effectiveness of guidelines and policies are reviewed and revised regularly.
Incident Response:
- Jimdo has a Data Breach Policy, as well as an Incident Response Plan in place, which ensures that security and data protection incidents are recognised by all employees, with incidents being reported immediately upon detection, to the Security Team. Insofar as personal data being processed on behalf of Customers is affected, Customers will be notified of the type and extent of the incident in accordance with the conditions of the Jimdo Data Processing Agreement.
- Jimdo has controls in place to ensure that where it falls within Jimdo's legal responsibility and where necessary and appropriate, a Data Protection Impact Assessment (DPIA) will be conducted.
4.2 Contract Control (Third-party/(Sub)processor Outsourcing)
The following measures ensure the enforcement of Jimdo's guarantee that personal data processed on behalf of the Customer can only be processed as per the instructions of the Jimdo Customer.
Third Party Management:
- Where external service providers or third parties are involved, a Data Processing Agreement is concluded. Jimdo applies a rigorous Vendor Risk, Security and Data Protection check of all external service providers and ensures continued compliance with the GDPR. Sub-Processors are monitored regularly during the contractual relationship.
4.3 Data Protection Through Technology Design and Default Privacy Settings (Privacy by Design and Default)
Software Development:
The software development process of Jimdo undergoes continuous review, and follows a Secure Software Development lifecycle including threat modeling. This ensures the principle of data protection-by-design.
- The software development process of Jimdo ensures that the principle of necessity is taken into account as regards Customer interfaces. Form fields and screen masks, for example, are designed to be flexible. Thus mandatory fields can be designated or fields can be deactivated by the Customer.
- Access Authorisation: As previously described in the references to the Jimdo Access Authorisation Policy, data or application permissions are configured in a flexible and granular way, based on the principle of the "least privilege".
- Privacy by Design: Jimdo incorporates Privacy by Design principles for systems and enhancements at the earliest stage of development.