# Privacy and security
# Privacy and security at Signicat
Signicat provides a critical part of the IT infrastructure to our clients. Our specialists therefore work continuously on the security of our platform to develop it further. We ensure that the solution meets the latest security standards.
Security checks are built into our process at all stages: from design to production and implementation of our software. This is also independently verified and certified on a regular basis.
Signicat takes the privacy of you and your clients very seriously. We comply with the most recent security regulations, which you can find on our certification page.
The authentications themselves are protected by end-to-end encryption. We do not process any sensitive personal data. Normally, we only transmit (route and reroute) data and therefore do not view specific data streams. Our system administrators monitor our systems 24/7. This ensures that the availability of your services is guaranteed.
# Do I have to enter into an additional processor agreement under AVG?
Signicat attaches the greatest importance to the careful and safe handling of your data. In the context of eHerkenning, we are the party responsible within the meaning of the General Data Protection Regulation, according to the Electronic Access Services Agreement.
Signicat is responsible for your personal data that we process. In this capacity, we comply with the applicable privacy legislation. Furthermore, this responsibility means that Signicat safeguards the rights of those involved and strives to achieve the highest possible level of security. Because Signicat is responsible within the framework of eHerkenning, you are not required to enter into a processing agreement with us. More information can be found on the website of het afsprakenstelsel (opens new window).
# What information does Signicat see?
Signicat understands privacy. The information we can access is what we store in our logging. However, do not normally access these details unless there is a need.
# Where does the processing of authentication requests take place?
Signicat's data centres are located within the European Union. Our services are fully GDPR-compliant and all of the data processing is done safely within European Union borders.