Built on a secure foundation

Having worked in the field we know what it is like to handle confidential and sensitive information and we take up the cause of protecting what the humanitarian organizations trust us with.

ISO 27001 certified

Our company is ISO 27001 certified. This is the internationally recognized Information Security Management standard which requires that organizations assess information security risks, put in place robust security controls and processes, and embed information security management across the organization.

Screenshot of ISO 27001 badge

Security by design

Fine-grained permissions to control user access to data. Audit logs for complete overview of actions.

Screenshot of user permissions

Single sign on (SSO) authentication

We integrate external Identity Providers (Azure Active Directory, Google Workspace, Humanitarian ID) and offer a Single-Sign On experience to users. Organizations can expand two-factor authentication policies to ActivityInfo and users can sign in with their work account to ActivityInfo.

Physical Security and hosting

ActivityInfo.org builds on the Google Cloud Platform, which runs in Google’s world-class secure data centers where strict physical security is implemented by Google.

Google’s App Engine meets the ISO 27001:2005, a comprehensive international security certification which is verified by an external auditor and checked regularly thereafter.

Backups

When using the ActivityInfo SaaS version your data is stored in servers in multiple, redundant data centers in the EU including Frankfurt, and Belgium, and the Netherlands. By keeping multiple copies of the data in these locations we make sure we have enough backups in case of a natural disaster or failure of a single data center.

Encryption

Data stored in our platform is encrypted from the moment your data moves from your browser to our web servers. All data stored in the platform is encrypted at rest. This ensures that the data will be private and integral at all times.

Have complete control over data and changes

Audit log

Get a complete audit log for your databases and handle cases of deleted data on your own, in a single click. Use filters to detect important changes timely. Review the details of individual events and contact users responsible for changes easily.

Screenshot of audit log

Legal Framework

ActivityInfo has employment agreements to ensure that employees will abide with rules, regulations and confidentiality requirements. We define our relationships with our staff, with our clients and with our suppliers with contracts that clearly define and enforce confidentiality.

Service Level Agreement

The security of the information gathered and stored in ActivityInfo is of paramount importance for us. We sign a Service Level Agreement (SLA) with the organizations that have a subscription with ActivityInfo that specifies our obligations and Terms of Service and clarifies issues such as data ownership and data security.

General Data Protection Regulation (GDPR)

General Data Protection Regulation law, which was put in place by the EU in May 2018, assists in better clarifying the roles of each actor regarding data privacy and lists action points for which each actor is responsible. BeDataDriven, the provider of ActivityInfo acts as the data processor and has outlined responsibilities regarding data privacy.

User management

Refined user management for simple or complex structures

Control users access and actions up to the last detail with granular permissions or assign ready-made user roles.

Learn more user management in ActivityInfo