ATLAS.ti enables the world’s leading universities and companies to analyze their data and turn it into qualitive insights. As we process millions of valuable and sensitive data points on a daily basis, we take data security and privacy compliance very seriously and attach utmost importance to safeguarding the personal data we process on behalf of our clients.
ATLAS.ti implemented a comprehensive information security and data protection management system to ensure both the security of the data processed with ATLAS.ti Web and full compliance with all relevant privacy laws and regulations, including GDPR, CCPA, HIPAA and LGPD.
With ATLAS.ti the users can analyze almost any kind of data, including personal data. Such data is processed by ATLAS.ti as a data processor, on instruction of our clients. Such data processing by ATLAS.ti is subject to our Data Processing Agreement (in accordance with Art. 28 GDPR).
All data that is handled and processed through ATLAS.ti Web is fully secured against unauthorized access. All data is fully encrypted, managed and stored by SOC-compliant data center providers with all relevant ISOI certifications, including, but not limited to, ISO 27001 and ISO 27018.
Hosting in Germany
ATLAS.ti Web is hosted with Amazon Web Services in Germany. The data processed via ATLAS.ti Web by ATLAS.ti as a data processor is processed in the EU only, no data is transferred to third countries outside of the EU.
We are using an external service provider, based in Germany, for support and maintenance of ATLAS.ti Web. In addition, we are using another external service provider, also based in Germany, for hosting and operation of ATLAS.ti Web. The hosting and operations service provider uses the Amazon Web Services data center region Germany (Frankfurt) as hosting provider.
ATLAS.ti implemented industry-standard intrusion prevention and detection systems and data loss prevention systems to ensure the security of the data processed with ATLAS.ti Web.
ATLAS.ti implemented a comprehensive framework of security policies, including password requirements, a detailed backup policy and regularly tested business continuity processes.
ATLAS.ti implemented a role-based authorization concept on a strict “need to know” basis that ensures that employees receive access rights to applications and data depending on their respective area of responsibility and, if necessary, on a project basis.
All IT systems used by ATLAS.ti for our clients are multi-client capable. The logical assignment of the data processed on behalf of a customer to the respective client and thus the logical separation of the data is always ensured.
Please find a detailed overview of the technical and organizational measures of data security we implemented in our Data Processing Agreement.
All ATLAS.ti employees are regularly trained on data protection topics. All employees are obliged to handle personal data confidentially.
Every client can download/export all data processed via ATLAS.ti Web at any time. At the end of the contract, we will ask you to download/export all data and will, after a certain grace period, delete the system and all data.