Careers
Contact
Client Portal
Let's talk

Data security is more important than ever

The amount of data that is currently processed by SpendLab is immense. Therefore, we have set up internal processes, systems and procedures to ensure the maximum security of data that is processed for our clients.

Gecertificeerd ISO 27001 - Kleur
Gecertificeerd ISO 9001 - Kleur

International Standardization Organization

An ISO certified organization

To be able to guarantee quality and data security, SpendLab has chosen to be certified for two ISO standards, namely ISO 9001:2015 and ISO 27001:2013. These standards provide organizations with the tools and guidelines to gain control over Quality (ISO:9001) and Information Security (ISO:27001).

Every year, SpendLab’s Information Security Management System (ISMS) is independently audited to ensure the effectiveness of the measures taken. Due to the fact that our solutions are data-driven, we deeply value a high degree of data security. This is also the reason why an extensive set of technical and organizational measures has been taken to meet the requirements set by ISO, but also by our clients. Some examples of measures that have been taken are:

  • The use of multi-factor authentication
  • Encryption of both data-in-transit and data-at-rest
  • Role Based Access on a need-to-know basis
  • IO Whitelisting
  • Encrypting and centrally managing equipment
  • Screening of personnel
  • Employing a specialized Security Officer and Data Protection Officer to safeguard the established internal processes, systems and procedures

General Data Protection Regulation

GDPR

The General Data Protection Regulation (GDPR) has been active since 2018. This European regulation imposes strict requirements on organizations with regard to the processing of personal data. SpendLab only processes small amounts of personal data of its clients. Nevertheless, we are often asked how we process our client´s data and in what ways we do this.

SpendLab only processes data from our clients’ suppliers. Depending on how these suppliers invoice, we process personal data. During the analyses that are performed for clients, personal data rarely occurs. If this does happen however, the data will be anonymized if it turns out to be irrelevant to the possible file.

For more questions regarding the processing of personal data or our ISO certifications, please contact us at privacy@spendlab.com and/or polle.westbroek@spendlab.com.

Veelgestelde vragen

FAQ

No, SpendLab does not link anything to a client’s application. We work by means of a one-off data extraction from our client’s financial application.

Personal data is not relevant to SpendLab in order to conduct a successful Accounts Payable Recovery Audit. In practice, however, we do notice that personal data is stated by suppliers within invoice lines – in particular in the invoice description. This includes name and address details and, in exceptional situations, a license plate and/or a social security number.

Staat jouw vraag hier niet tussen?

Phone number

+31 (0) 20 570 91 00

Email Adress

Info@spendlab.com

Adress

H. W. Sacréstraat 401, Schiphol

Follow up on our social channels and stay up to date on our latest news.

Youtube Linkedin

Quick links

Popular links

Newsletter

Sign up for our newsletter and keep updated about how we can help your company!

Copyright © 2022. All rights reserved.