Skip to content
  • There are no suggestions because the search field is empty.

“Scope” Security Statement

RIEGE Software International GmbH attaches great importance to the security and integrity of customer and customs data.

For functional reasons and to ensure adequate support, RIEGE employees have access to the Scope architecture in exceptional cases, particularly for technical purposes. This is necessary for the proper maintenance of system operations.

To ensure adequate data integrity, RIEGE follows strict information security management guidelines:  

Every employee is required to comply with the rules of applicable information security, compliance guidelines, and laws (including the GDPR). This also includes access rights at the data level. In its role as a data processor under data protection law, RIEGE is required to process customer data provided in accordance with the principles of the GDPR. The agreement on order processing by RIEGE with regard to the customer data to be processed in accordance with Art. 28 (3) sentence 1 GDPR can be found here https://legal.riege.com/de-de/vereinbarung-zur-auftragsverarbeitung-2024-09. Further information on the appropriate technical and organizational measures taken by RIEGE in accordance with Art. 28 (1) GDPR can be found here: https://legal.riege.com/de-de/toms-de-2024-09. The sub-processors used by RIEGE in accordance with Art. 28 (4) GDPR are listed here: https://legal.riege.com/de/subdienstleister.

In order to ensure the future viability of our SaaS system “Scope” in the interests of our customers, we are gradually developing our system towards cloud computing with a connection to Microsoft AZURE.

Every single access to the system by our employees is logged and can therefore be traced. Any incidents are recorded immediately, analyzed by the ISMS team, and dealt with appropriately. The servers operated by RIEGE are deliberately located in European data centers. Access to the data center premises is regulated by separate access controls, including advance registration and ID checks. Our employees are also subject to data secrecy obligations, which rounds off our security concept. We conclude non-disclosure agreements (NDAs) within the framework of our supplier relationships.

Riege Software International GmbH in Meerbusch has recently been certified by TÜV SÜD in accordance with ISO 27001 (Information Security Management Systems - ISMS). Following certification, regular (data protection) training courses and follow-up and monitoring audits are carried out in the company to ensure that information security is maintained. As the validity of the ISO certification is limited in time, we aim to renew it regularly.

If you have any further questions, please do not hesitate to contact us.

Kind regards,

Dr. Tobias Riege (CEO)