Compliance and certifications
Always Secure, Certainly Compliant
Communication processes used by international companies are facing increasingly stringent compliance requirements. With Retarus’ Enterprise Cloud it’s easy for you to comply with internal policies and external regulations, consistently and company-wide.
Complete Protection from the Cloud
With us, your data remains available, intact, and confidential – anywhere in the world. To ensure this, Retarus uses a security framework and an information security management system (ISMS) audited according to ISAE 3000 SOC2 Type II and certified in accordance with DIN EN ISO/IEC 27001:2017. This allows us to support you in your compliance with your international standards and individual control sets, regardless of which Retarus Cloud Service you use.
Retarus Cloud Services: Internationally Compliant.
- ISAE 3402 (SOC1) Type II
- ISAE 3000 (SOC2) Type II
- ISO 27001 (DIN EN ISO/IEC 27001:2017)
- HIPAA
- DSGVO/GDPR/Bundesdatenschutzgesetz
- PCI-DSS
- TISAX
- ENS
We consider the data of our employees and business partners to be valuable property and protect it globally, while considering all locally applicable laws and regulations. We consistently comply with all relevant data privacy regulations and commit ourselves to handling confidential information with great care.
Retarus Code of Conduct
Signed and Sealed
With Retarus Cloud Services you can be sure that you are in compliance with all relevant regulations. The internal control system ensures that your business-critical data and information receive the highest level of protection in accordance with ISAE 3402. Furthermore, Retarus is PCI DSS Level 2 verified, ENS certified, and supports industry standards such as TISAX. As a European company, we fully comply with the GDPR. In addition, our Security Framework includes best practices from the ISO 27000 series, as well as the IT basic protections of the German Federal Office for Information Security (BSI).
HIPAA and others
Particularly important for the health care system in the United States of America are the regulations put forth by HIPAA and the HITECH Act, as well as industry standards such as HL7. They stipulate the highest level of sensitivity when handling confidential patient and health care data.
TISAX
ISAE 3402 / SSAE 18 / SOC 1
ISAE 3000 / SSAE 18 / SOC 2
ISO/IEC 27001
PCI-DSS
TX-RAMP
The Texas Risk and Authorization Management Program provides a standardized approach for security assessment, certification, and continuous monitoring of cloud computing services that process the data of Texas state agencies.
United States of America | HIPAA | US-ASH and US-SEC:*
Singapore | Data Protection Act 2012 PDPA | SG-SGP:*
Germany | Federal Data Protection Act (GDPR) | DE-FRA:*, DE-MUC:
Switzerland | Federal Law on Data Protection (DPA) | CH-ZRH:*
*) Additional certificates/attestation provided by the selected colocation provider
Individually Auditable
You can check the Retarus Security Framework at any time if you require special certifications for compliance. Your auditors will receive personal access to our data centers and information about the relevant processes.
Demonstrably sustainable
ESG (Environmental, Social and Governance) is a topic everyone is currently talking about – and that's just how it should be. Retarus has always made a substantial effort when it comes to responsibility and sustainability, and can back this up with the requisite evidence. In its universal sustainability rankings, for instance, Ecovadis has attested to Retarus' efforts by rating the company amongst the top 22 percent of organizations in the computer programming, consulting and related activities sector. In addition, Retarus' sustainability profile at Integrity Next provides a lot more detailed information on the topic. Retarus passed the mandatory energy audit in accordance with DIN EN 16247-1:2012 in October 2022 with an excellent result.