VIKTOR offers an industry-leading platform for companies to design, build, deploy and manage automation applications. Being a platform provider, it is of utmost importance to ensure that the platform itself, the applications built on the platform and the cloud operations running the platform meet the highest security standards. Delivering an innovative and secure application platform is the result of comprehensive planning, innovative design, and efficient operations. VIKTOR makes security a priority at every step, from code development to incident response.
VIKTOR has combinations of controls and principles to maintain the confidentiality, integrity and availability of the VIKTOR platform and customer data.
These controls include:
These principles include:
Within VIKTOR, we understand that customers trust that the privacy of their information will be protected, and that their data will be used in a way that is consistent with their expectations. Our customers determine what data is submitted to the VIKTOR Platform as customer data. With respect to such data, VIKTOR acts as a data processor and addresses the following privacy commitments:
VIKTOR permits customers to specify the particular geography where their customer data will be stored. Data may be replicated for backup within a selected geographic area for redundancy, but will not be replicated elsewhere, so customer data will stay under local law and data privacy protection acts.
VIKTOR collects information about its customers activity regarding the use of the VIKTOR software and related services. These data are used to optimize the VIKTOR software and related services. These data are used anonymously and in combined representation. The activity data cannot be tracked back to individuals, except where customer activity data are used to support the customer related to those data. When used in communication it is only used in confidential communication.
Access to customer data by VIKTOR personnel is restricted. Customer data are accessed only when necessary to support the customer’s use of the VIKTOR Platform. The customer data, except the prior mentioned activity data, are only accessed after explicit authorization by the customer.
Furthermore, strong authentication, including the use of two-factor authentication, helps limiting access to authorized personnel only. Access of personnel is revoked as soon as it is no longer needed.
Our customers should control their data when stored within the VIKTOR Cloud. We will not disclose customer data to law enforcement except as a customer directs or where required by law. When governments make a lawful demand for customer data from VIKTOR, we strive to be principled, limited in what we disclose, and committed to transparency.
Together with our customers, we make sure to comply to international data privacy standards, such as the General Data Protection Regulation (EU) 2016/679.
Compliance plays a key role in the trust from, and success for, our customers. We are committed to abiding by the laws and regulations that apply to us as we conduct business around the world. Furthermore, we use international standards to comply as a company or in a joint effort with our customers.