ISO 27018 certificate for BCC cloud solutions: protection guarantee for sensitive data | All for One Poland

ISO 27018 certificate for BCC cloud solutions: protection guarantee for sensitive data

A certification audit conducted in October 2015, confirmed that BeeOffice solutions available in the cloud, BCC ECM and Edistrada meet the stringent standards for protection of stored data, contained in ISO 27018.

The certification unit of TÜV NORD Poland conducted the audit. The audit concerned the application offered to companies and institutions in the SaaS (Software as a Service) model. These include BeeOffice – innovative employee self-service portal for companies of all sizes, BCC Enterprise Content Management – solution supporting the flow of information and document management, as well as Edistrada – flexible platform for business data exchange. BeeOffice, BCC ECM and Edistrada are developed within the BCC Software Factory and maintained, based on the secure infrastructure of BCC Data Centers.

The auditors from TÜV NORD examined all technological and organizational aspects of maintenance, development and implementation of the application, which affect the safety and confidentiality of processed data. The subject of the audit constituted such process as:

  • system for creating and maintaining backup data
  • data encryption (both at the level of storage and transmission)
  • management of changes in applications (among others the separation of the development, testing and production environments, and process of issuing a new version of the application)
  • registration of users and administrators activity
  • management of users accounts and their rights

The audit confirmed that the practices used in BCC meet the restrictive standards set out in ISO 27018.

“Using our products in the cloud, customers process data requiring special protection. These include for example – employees data in BeeOffice, agreements with contractors archived in BCCECM, transaction data with key customers on Edistrada platform. Now, thanks to the ISO 27018 certificate, our customers shall obtain an additional, independent guarantee of their security and confidentiality” – said Michał Kunze, Director of Software Development BCC.

The ISO 27018 certificate obtained by BCC extends the scope of functioning in BCC Information Security Managements System, in compliance with ISO 27001. ISO 27001 covers all issues related to protection created, stored, as well as information processed within the company. Its purpose is to verify and strengthen security while taking into account sources of threats, which may be people, business processes and technology.

Write us Call us Send email






    1. Personal data is processed pursuant to Article 6 (1) (a) of the Regulation of the European Parliament and of the Council (EU) 2016/679 of April 27, 2016 – the General Data Protection Regulation
    2. The data controller is All for One Poland sp. z o.o. with its registered office in Złotniki, ul. Krzemowa 1 62-002 Suchy Las. Contact data of the Data Protection Supervisor: iod@all-for-one.com.
    3. Consent to data processing is voluntary, but necessary for contact. Consent may be withdrawn at any time without prejudice to the lawfulness of the processing carried out on the basis of consent prior to its withdrawal.
    4. The data will be processed for the purposes stated above and until this consent is withdrawn, and access to the data will be granted only to selected persons who are duly authorised to process it.
    5. Any person providing personal data shall have the right of access to and rectification, erasure, restriction of processing, the right to object to the processing and to the transfer of data, the right to restriction of processing and the right to object to the processing, the right to data transfer.
    6. Every person whose data is processed has the right to lodge a complaint with the supervisory authority, which is the President of the Personal Data Protection Office (ul. Stawki 2, 00-193 Warsaw).
    7. Personal data may be made available to other entities from the group that All for One Poland sp. z o.o. is part of – also located outside the European Economic Area, for marketing purposes. All for One Poland ensures that the data provided to these entities is properly secured, and the person whose data is processed has the right to obtain a copy of the data provided and information on the location of the data provision.

    +48 61 827 70 00

    The office is open
    Monday to Friday
    from 8am to 4pm (CET)

    General contact for the company
    office.pl@all-for-one.com

    Question about products and services
    info.pl@all-for-one.com

    Question about work and internships
    kariera@all-for-one.com

    This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.