PAYGLOBAL TECHNOLOGY AND THE GENERAL DATA PROTECTION REGULATION
IBANC software is an offline tool that complies with the requirements of the General Data Protection Regulation (GDPR, privacy legislation).
No processing agreement required:
Specifically with IBANC, you have a solution with which you already comply with the GDPR, since the processing and processing of information takes place solely on your own system, under your own management.
For that reason, no processing agreement is required. IBANC does not have - nor does wish to have - any possibility or technical facility to view and / or process information in your IBANC administration outside your own system. So we do not have any access to any information from your customers, not the name, bank or other information.
Online Backups:
Also for the Online Backup and Transfer service, there is no processing agreement required: the backups that you securely place online can only be accessed with your IBANC administration, your Online Backup password and a derived security key (PBKDF2). Only you have your Online Backup password. Due to this unique and secure design, the technical possibility that your backups can be viewed without the above information is excluded.
Technical information about the encryption used for the Online Backup and Transfer Service:
Encryption takes place in accordance with the password-based key derivation function PBKDF2. This is described in standard NIST SP 800-132 (based on IETF RFC 2898). IBANC implemented these in accordance with the recommendations of the European Union Agency for Network and Information Security (ENISA), using stronger cryptographic primitives than in the reference implementation:
- encryption algorithm security key: AES;
- hash-based message authentication code: SHA512 (instead of standard: SHA1);
- hash iterations: 65536 (instead of default: 1000);
- unique salt per security key, generated with strong PRNG (instead of per license).
With a view to data minimization: for the time being, there is no limit on the storage limit on the Online Backup and Transfer Service. At your own discretion, you can delete backups of the Online Backup and Transfer Service via IBANC:
- open Backups;
- select the online saved backup of your wish and click on Delete.
Processing information about you as our relationship
Information about you is processed solely for the execution of entered into agreements - normally the purchase agreement. This information is stored on secure servers, with logged access control. All network communications on these secure servers are encrypted in accordance with ENISA's cryptographic primitive standards for this type of traffic.