Data Processing

COOKIES

Admincontrol uses Cookies on our websites for security, authentication and traffic measurement. A cookie consent form is presented on our login page at first visit, with information of cookies that are used and where you may accept or decline the usage of cookies for performance statistics.

USER ADMINISTRATION

Initially, Admincontrol invites one administrator user for each portal. The invitation is sent by email, and the user will register his own credentials (username and password) within an encrypted session. The user invitation is valid for a limited period. Default is 24 hours.

Then the administrator user are responsible for further user identity and access management in the portal, by using the built-in user administration system. The administrator user can deactivate users, and change the permissions and access levels for all the users in their portal.

FILE UPLOAD

The client administrators can upload documents and files using file-upload in the client web browser. No additional software or configurations is required.

FILE FORMATS

The following file formats are currently supported for upload:

  • Acrobat PDF Text document.pdf
  • MS Excel 97-2003 Workbook .xls (MS Excel 5.0/95 Workbook.xls is not supported)
  • MS Office Macro Enabled Sheet Spreadsheet.xlsm
  • MS Office Outlook File Mail Message.msg
  • MS PowerPoint Slide presentation.ppt
  • MS Office Presentation Slide presentation.pptx
  • MS Office Slideshow Slide show.ppsx
  • MS Office Sheet Spreadsheet.xlsx
  • MS Word Text document.doc
  • MS Office Word.docx
  • Word Open XML Document Template.dotx
  • Zip File.zip
  • CAD File.dwg
  • Audio Audio.mp3
  • BMP Image Image.bmp
  • GIF Image Image.gif
  • JPEG Image Image.jpg
  • JPEG Image Image.jpeg
  • PNG Image Image.png
  • TIFF IMAGE Image.tif
  • HTML Web-page.htm
  • Text document.txt
  • RTF Richtext.rtf
  • Video Video.mpg
  • Video Video.mov
  • Video Video.avi

Annotations is only supported for PDF documents.

ACCESSING DOCUMENTS AND DATA

Documents and data can be accessed by using a computer and a web browser when logged in to our service. Some security features requires Java. Optionally, the information can be accessed using an iPad and our native APP available at App Store. No additional software or plugins like Java are required using the iPad APP.

DOCUMENT SECURITY

The portal can be configured to use an embedded PDF reader for best possible document control and security. All PDF documents are then opened in a built-in viewer that does not leave readable traces of the document on the client machine. The viewers “cache” is deleted when the document is closed. All other file types are treated as regular files and attachments, and can be retrieved in a legible form. The systems administrator users can control printing and download rights to each document or for each user.

ACCESS PRIVILEGES

Only intended users have access to the client information. Admincontrol does not control or review any of the information in any client portals. The only way to access the information, is trough the Admincontrol Applications. All such activity will be logged and will be visible to the portal administrator. Admincontrol employees and support staff have documented policies and procedures for handling customer information and data.

DATA SEGREGATION

The Admincontrol solution is built for “multitenancy”, which means that there is a logical segregation of data between tenants. Security depends on the logical segregation rather than the physical separation of resources. The security mechanisms that ensure full isolation, are built into the database and application logic, and are verified through regular 3rd party security tests. The data encryption mechanisms also support full segregation, by using unique encryption keys for each client/tenant.

SUB-PROCESSORS

For Electronic signing and eID functionality we have partnered up with a EFA based Sub-Processor: Signicat AS.

All processing is performed in Norway and both Signicat and the Datacentre is ISO 27001 certified.

For transactional email delivery and SMS notifications, we use several different providers. These Providers only process the required personal data to be able to deliver the mail/sms.

A complete list of Sub-processors and locations is available here.

OTHER SUB-CONTRACTORS

Admincontrol use some subcontractors that provides us with Internet Connectivity and IT Housing services, none of these Sub-contractors has access to our servers or the data stored on them, and as such do not process any personal data on behalf of Admincontrol. All use of Sub-Contractors is compliant with our ISO 27001 certification.

CONTRACT TERMINATION

Admincontrol can completely remove all the client’s documents, files and meta-data upon request. If your account is terminated for any reason, please contact us with any request to access your data. Please be aware that Admincontrol may for a period of time retain residual information in our backup and/or archival copies of our data stores and databases. We will make reasonable commercial efforts to return and delete your information on our servers as soon as practically doable.

CONTACT

For further data processing details, compliance and security, please send us an email at:  [email protected].

Download Data Processing Agreement here