RIEGE Software International GmbH attaches great importance to the security and integrity of customer and customs data.
For functional reasons and to ensure appropriate support, RIEGE employees have access to the Scope architecture in exceptional cases, particularly from a technical perspective. This is necessary for the proper maintenance of system operation.
To ensure appropriate data integrity, RIEGE follows a strict information security and management policy:
Every employee is required to comply with the rules of the applicable information security, compliance guidelines and laws (including the GDPR). This also includes access rights at data level. In its role as a processor under data protection law, RIEGE is required to process customer data provided in accordance with the principles of the GDPR. RIEGE's data processing agreement, with regard to the customer data to be processed in accordance with Art. 28 para. 3 sentence 1 GDPR can be found here: https://legal.riege.com/en-de/agreement-pertaining-to-commissioned-data-processing-2023-11. Further information on the technical and organisational measures taken by RIEGE in accordance with Art. 28 para. 1 GDPR can be found here: https://legal.riege.com/en-de/toms-en. The subcontractors used by RIEGE in accordance with Art. 28 para. 4 GDPR are available here: https://legal.riege.com/en/subprocessors.
In order to ensure the future security of our SaaS system "Scope" in the interests of our customers, we are successively developing our system in the direction of cloud computing with a connection to Microsoft AZURE.
Riege Software International GmbH in Meerbusch was recently comprehensively certified by TÜV SÜD in accordance with ISO 27001 (Information Security Management Systems - ISMS). In accordance with the certification, regular (data protection) training courses and follow-up and monitoring audits are also carried out at the company to ensure that information security is maintained.
Every single access to the system by our employees is logged and can therefore be traced. Any incidents are recorded immediately, analyzed by the ISMS team and dealt with appropriately. The servers operated are deliberately owned by RIEGE and are administered exclusively by the company. Access to the server premises is secured by special access controls, including an ID card check. Our employees are also subject to a duty of confidentiality, which rounds off our security concept.
If you have any further questions, please do not hesitate to contact us.
Yours sincerely
Dr Tobias Riege (CEO)