How does Goelett position itself in relation to data processing within the context of a potential partnership with a client company? Will Goelett act as a data controller, data processor, or joint controller?
We are subprocessor – provideing business travel manangement to corporations employees. We are controllers in case of storing transaction data for the services we offered.
What specific data protection certifications or accreditations has your organization obtained (e.g., ISO 27001, GDPR, CCPA)?
Goelett is ISO27001 certified. Our information security management system (ISMS), organisation, policies, processes and our practice regarding information security fulfil the requirements of international standard of ISO27001 norm. The certification has been granted by BSI (The British Standards Institution). Goelett utylises ISO27001 certified data centres.
Have you set up personal data protection awareness training for your employees? If so, please detail the form adopted by these training courses and the completion rate obtained from your employees?
Goelett is committed to safeguarding personal data. In alignment with the GDPR, we have implemented comprehensive data protection measures. Our employees undergo regular training on data privacy regulations, ensuring a thorough understanding of their responsibilities. We track training completion rates to maintain compliance and continuously enhance our data protection practices. Additionally Goelett has implemented Ethical […]
Is Goelett data protection policy available to its customers and employees?
Yes, the privacy policy is available online for everyone under this link: https://goelett.com/privacy-policy/