The DataEngine can be fully used in accordance with all principles under GDPR Article 5. Principles a) up to and including e) [lawfulness, purpose limitation, data minimisation, accuracy, storage limitation] are the responsibility of the customer. We, as Marini Systems GmbH, only host your systems, cannot guarantee legally binding advice and are not responsible for the content and use of your systems. How you handle and use your systems is your responsibility and accountability. However, we are happy to support you (without any legal advice) thanks to our numerous experiences with our clients since the introduction of the GDPR.
We guarantee principle f) of confidentiality and integrity with regard to unauthorised access by third parties. To this end, we operate our infrastructure in accordance with the latest security standards. Furthermore, we are happy to support you in implementing the principle within your DataEngine. The keyword here is Access Control Concept. The DataEngine allows you a fine-grained role and rights administration. You have the possibility to create and combine unlimited roles to ensure that only authorised users can see, edit and delete the corresponding data.
Technically, you automatically fulfil the principle of accountability (paragraph 2) through our standard active auditing. Here, every change is audited at data record level, including the user who made the change. This gives you the unlimited possibility of being able to trace changes to the data retrospectively.
We, as Marini Systems GmbH, are even obliged to report abuse or gross violations of the GDPR in case we observe it.