Rosterfy’s policies and procedures for data protection align to meet the standards and requirements of the GDPR.
This includes transparency with regard to the use of data as well as the protection of data collected by Rosterfy through our third party servers.
Since the GDPR was introduced in 2018, Rosterfy has been continually reviewing and updating our internal data collections and storage processes to ensure that our processes align.
Volunteer programs require data collection so naturally there are a lot of questions about GDPR including Rosterfy’s approach. We’ve highlighted some answers for you below.
Data Protection & Security
Rosterfy has a documented set of policies and procedures that defines our approach to security as an organization. These are shared with all staff and reviewed and updated frequently to ensure our approach to security remains current.
To maintain the highest level of certifications and accreditations, we integrate and maintain the latest in innovative security and privacy technologies. As a Rosterfy customer, you are protected by our multi-tiered security measures and accredited procedures.
To provide world-class security, we ensure our platform meets key Information Security Management System (ISMS) standards. Rosterfy is certified against ISO27001 standards for Information Security compliance.
Rosterfy monitors our system using external and internal vulnerability scanning. We perform frequent audits and security assessments with independent and globally recognised security assessment firms
Third Party Security
Rosterfy runs on AWS cloud infrastructure. We host customer instances between multiple Availability Zones in three regions (AU, UK, EU and USA).
AWS is accredited by and compliant with a large number of the latest industry standards – more information can be found here: https://aws.amazon.com/artifact.