NuvolaPay and the GDPR

The new GDPR came into force at the end of May 2018; the privacy regulation that comes from Europe has been implemented by Italy and deals with a series of provisions that all companies and professionals must comply with, under penalty of penalties. At the work of the expert consultants on the matter we indicate what NuvolaPay does in light of this legislation.

The software NuvolaPay is the central management of data processed by the Manager . According to the GDPR, but it is also simple common sense, the data must be protected, access to data cannot be indiscriminate and uncontrolled. E’ It is important that the managing body prepares registers that keep track of which data have been consulted, by whom and when. NuvolaPay in this regard, includes a series of features and specifications to help the company with GDPR compliance.

Access log

A fundamental aspect in case of control over the compliancy to the GDPR is the presence of registers that keep track of all access to the data occurred in the company. E’ objectively unthinkable that an employee records in a special register every time he accesses a registry through the management software, an operation that is repeated countless times in a working day.
For this reason it is NuvolaPay to generate this register, automatically, as it records the user who has accessed the data for each activity, consultation of record list and single record, with the date and time of access. Moreover, track any data exports in Excel format, CSV, PDF, JSON. In this way, the data access log is automatically generated, day by day!

Access authentication

To ensure access to NuvolaPay insecurity, the user must use not two but three keys: Company Code, username, password. What does it mean? That although someone can get hold of the username and password of one of our employees, will not be able to enter the management system. E’ it is also possible to request that the devices used are enabled for access via email confirmation. This proves that, in case of checks, the company uses high security measures for countermeasures to counter unwanted access.

Data exports and system logs

The so-called “data breach”, bones data leakage, it is one of the dangers that the adoption of the GDPR wants to reduce. A person who has access to it, employee or external consultant who he is, could exploit its access to company data to export and resell them or distribute them outside the company, illicitly. The GDPR suggests the adoption of registers that keep track of data export activities. NuvolaPay it generates the register automatically by tracing every time a user proceeds and exporting the data in xml format, csv, PDF. , to be shown in case of control by the competent authorities.

Backup and restore

NuvolaPay is a cloud software, and for this the data backup is done by us, even if at any time the customer can save a copy locally. The GDPR establishes the need for a data recovery strategy in the event of data corruption or loss. NuvolaPay makes a copy of the data in near real time, therefore a particularly powerful and accurate backup policy. In case of data loss, you will be able to restore the most recent backup!