ASEE in Serbia and Chip Card among First Companies in Europe Holding Certificate of Compliance with GDPR and Related Privacy Legislation (ISO 27701)
ASEE in Serbia is among the first private-sector companies in Europe to be awarded an accredited certificate for personal data protection, having successfully implemented the requirements of the international standard ISO/IEC 27701:2019 within its business processes and completed the certification audit with great success.
The certificate confirms the company’s capabilities to manage personal information related to both clients and employees, and to ensure compliance with GDPR and other personal data protection regulations as well as transparency of implemented privacy management controls.
The certification audit was conducted by the leading auditors of CIS – Certification & Information Security Services GmbH, a partner of Quality Austria, which is ASEE's business partner in the domain of international standards. Quality Austria and CIS are internationally operating organizations that support their clients in nearly 30 countries.
Chip Card, a member of Payten, also successfully completed the certification process for the ISO 27701 standard, as a company continuously focused on providing the highest level of secure, best-in-class service.
With this internationally acknowledged certificate, Chip Card is among the first card processing companies in the region to hold it as proof of compliance with privacy and personal data protection requirements, as well as with the related requirements of its clients and vendors. It also reflects Chip Card's ongoing endeavor to increase the quality of the services it offers and to raise its security and personal data protection levels, especially given the volume of data it processes as a processing center and a payment institution.
The ISO/IEC 27701:2019 standard, which covers the Privacy Information Management System (PIMS), is a data privacy extension to the ISO 27001 standard. The newly published information security standard provides guidelines for organizations that aim to establish systems that support compliance with GDPR and other data protection requirements. Implementation and certification in line with ISO 27701 reduce risk related to the privacy rights of individuals and organizations by enhancing the existing information security management system. Furthermore, implementing this standard demonstrates to customers and to internal and external stakeholders that efficient systems are in place to support compliance with GDPR and other related privacy legislation, and it facilitates agreements with business partners in which the processing of personally identifiable information (PII) is mutually relevant.