As with the development of our innovative products, excellent execution is the be-all and end-all for us when it comes to data protection and information security.

Why data protection and data security is so important to us

Banks and insurance companies must follow strict regulations regarding data collection and processing in online banking. When implementing and running online services, these financial institutions must meet high standards to protect customers’ data. As the market-leading software company for the largest banks and insurance companies, we at Gini take this need seriously. We set high standards for ourselves to protect and secure our clients’ data.

As we develop our innovative products, we also adhere to our Gini values in data protection and information security, going the extra mile.

  • Our values include excellence, reflected in how we handle customer data. We meticulously adhere to data protection requirements down to the smallest detail.
  • We recognize the risks of inadequate data protection and continuously monitor potential security risks internally and with external partners to ensure a secure environment for our solutions.
  • Warmth within our team is essential. We treat our customers’ data security needs with respect to leave them with a good feeling.
  • We value independent effort and responsibility within the team. We apply this approach to our customers’ data protection needs, being open and transparent in implementing data protection requirements and taking responsibility for security risks, breaches, and incidents.

Since our product is based on artificial intelligence and trained with data accordingly, we hold ourselves to high standards to meet the strict requirements of data protection and information security. We adhere to applicable data protection laws and follow the ethical and legal principles of the GDPR: lawfulness, purpose limitation, transparency, data minimization, and accuracy. (Source: Article 5 GDPR)

Measures for Data Security

At Gini, we implement a variety of measures to ensure data protection and information security and to guarantee it in the long term.
We voluntarily conduct annual internal data protection audits by our external data protection officer to ensure compliance with GDPR requirements. These audits cover our data protection concept and the technologies used, the processes for collecting, storing, and transmitting personal data, and handling data protection breaches. The data protection audit not only provides an overview of the current status of our data protection but also identifies potential weaknesses and shows us where improvements are recommended.

We are voluntarily certified according to ISO 27001 and undergo regular ISO check-ups and certification reviews by TÜV Süd. The international ISO standard defines secure criteria for establishing, operating, documenting, and improving a documented information security management system (ISMS). Our certification by TÜV Süd objectively and credibly demonstrates the effectiveness of our IT system and allows us to identify internal weaknesses in data protection and close security gaps.

<h2>How We Keep Our Customers Informed</h2>
Within the team, we maintain maximum openness and transparency and behave accordingly towards our customers, especially regarding data protection.
Each of our customers receives a Quarterly Security Report from us, in which we list important incidents, innovations, and other data protection measures. This gives our customers a transparent overview of how we implement data protection and ensure data security.
Would you like to get an overview of our data protection measures now? We have set up a company page with all critical information. Everyone can view our certificates and data protection audits and understand the organizational, product-technical, and technological security precautions.

Of course, we also meet the legal data protection requirements on our website. Our privacy policy informs our customers in detail about the collection, processing, and use of personal data on our website. Through our imprint, our customers can quickly check who is responsible for the content of our website.

Michael Poprat

Senior Operational Excellence Manager, Information Security Officer, Data Protection Coordinator

At Gini, we want our posts, articles, guides, white papers and press releases to reach everyone. Therefore, we emphasize that both female, male, and other gender identities are explicitly addressed in them. All references to persons refer to all genders, even when the generic masculine is used in content.