Compliance

This page describes the compliance of all Arca24 web services with the relevant policies and regulations currently in force within the organizations.

In particular, the company informs the clients that all products are 100% intellectual property of Arca24 and homemade.

All products are installed on Arca24 virtual servers, meaning that the code and its intellectual property are strictly safeguarded. Arca24 virtual servers are hosted in the data centers of DigitalOcean in Frankfurt with replication in Amsterdam.

Documents uploaded by candidates are stored on an encrypted Amazon AWS S3 bucket with multiregional redundancy.

In each supply contract, it is clearly stated that the intellectual property is and remains of Arca24. Both the duplication and the view of the code are strictly forbidden. Just the use of it is allowed in accordance with Arca24 regulations defined in its commercial relations.

Data awareness

Thanks to data encryption, Arca24 guarantees the highest state of personal data awareness for all the software users.

Indeed, such encryption minimizes all the risks related to the processing of personal data, as it protects the information from the risk of possible undesirable accesses, unauthorized or illegal processing of the personal data.

That way Arca24 guarantees data confidentiality and protects the information by making it unintelligible towards cybercriminals.

GDPR and Data Protection Officer

Arca24 has already made all effort within its power to guarantee the protection of the candidates’ personal data processed. Since May 28th, all Arca24 software have been 100% compliant to the GDPR, namely the EU General Data Protection Regulation. In particular:

  • All the servers are safely hosted in DigitalOcean in Frankfurt. DigitalOcean has several ISO certifications;
  • A disaster recovery plan and a continuous backup have been designed;
  • The software has been developed according to privacy by design and privacy by default principles;
  • All database data and the code have been anonymized and encrypted;
  • The team Arca24 are aware of the current regulations and continuous training sessions on that topic have been scheduled;
  • Arca24 appointed a data protection officer (DPO), i.e. an experienced Italian lawyer, to ensure effective data protection.

Server architecture

Arca24 uses a distributed data management model, which better meets the requirements of decentralization and cooperation among modern organizations.

As compared to a centralized system, a distributed one allows data replication on a higher number of clusters and it guarantees enhanced functionalities in terms of:

  • Minimization of data loss risk
  • Data reliability
  • Data scalability

Data Center infrastructure and certifications

The infrastructure has the following characteristics:

  • Tier IV Dual Datacenter Architecture
  • State of the art and «Banking Proof» infrastructure: high security standards, bank certified
  • 100% Green Computing: powered entirely by renewable energy sources
  • All components of the structure are fully redundant (power, UPS, cooling, fire protection, access lines, network)
  • All servers use SSD Technology
  • The servers can benefit from 40 GbE connections for a fast data transfer
  • Thanks to the geographic position of the data center, the connections within Central and Southern Europe are high-performance.

Shown below are the ISO certifications of the data center:

  • ISO/IEC 27001:2013
  • PCI-DSS

The management system of DigitalOcean was audited and certified as compliant with the standards.