General Technical and Organizational Measures Measures According to Art. 32 para. 1 GDPR

The contractor has taken the following technical and organizational measures.
1. Confidentiality (Art. 32 para. 1 lit. b GDPR)

Entrance Control

Measures to prevent unauthorized persons from gaining access to data processing systems with which personal data is processed or used.

The FASTEC building is equipped with an access control system. Only authorized persons can enter the building using an RFID chip. Access to each office floor is secured by another access control system, as is the server room. 

Access Control

Technical (password/password protection) and organizational (user master record) measures with regard to user identification and authentication:

Only people with a valid user account have access to the FASTEC network in combination with their password. There is a strict separation between the “FASTEC network” and other existing networks, such as the guest WLAN.

When accessing the FASTEC network from outside (VPN), two-factor authentication using OTP is also required. 

Admission Control

Measures to ensure that persons authorized to use a data processing system can only access the data subject to their access authorization and that personal data cannot be read, copied, modified or removed without authorization during processing, use and after storage.

All IT systems used at FASTEC have differentiated authorizations, which are also configured in such a way that employees only have access to the data required for their area.

Separation Control

Measures for separate processing (storage, modification, deletion, transmission) of data with different purposes:

Data that is used for processing different purposes is also stored separately. 

Pseudonymization (Art. 32 para. 1 lit. a GDPR; Art. 25 para. 1 GDPR)

The processing of personal data in such a manner that the data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to appropriate technical and organizational measures.

Pseudonymization does not take place.

2. Integrity (Art. 32 para. 1 lit. b GDPR)

Transfer Control

Measures to ensure that personal data cannot be read, copied, altered or removed with-out authorization during electronic transmission or during their transport or storage on data carriers, and that it is possible to verify and establish to which bodies personal data are intended to be transmitted by data transmission equipment.

In general, FASTEC does not transmit any personal data of our customers’ employees to third parties.

Access to customer systems is usually via VPN systems provided by the customer. 

Input Control

Measures to ensure that it is subsequently possible to check and determine whether and by whom personal data has been entered, modified or removed from data processing systems.

FASTEC employees do not enter the data of our customers’ employees. 

3. Availability and Resilience (Art. 32 para. 1 lit. b GDPR)

Availability Control

Measures to ensure that personal data is protected against accidental destruction or loss.

As FASTEC does not carry out any order processing in the strict sense, there is no personal customer data that would have to be protected against loss. 

Nevertheless, FASTEC has of course taken measures with regard to other systems to prevent data loss. These include regular backups in various fire protection sections, uninterruptible power supplies, virus protection/firewall as well as fire extinguishers and air conditioning in the server room.

4. Procedures for Regular Review, Assessment and Evaluation (Art. 32 para. 1 lit. d GDPR; Art. 25 para. 1 GDPR))

Data Protection Management

All FASTEC employees are instructed annually on the subject of data protection. We work continuously on our data protection management system in cooperation with our external data protection officer.

Data Protection-Friendly Default Settings (Art. 25 para. 2 GDPR)

This point does not apply, as our customers’ employee data is not entered and there are therefore no data protection settings that need to be set so that as little data as possible is collected.

Order Control

Measures to ensure that personal data processed on behalf of the client can only be processed in accordance with the client’s instructions.

The order control is realized by a clear contract design.

FASTedge SFT15

The 15-inch touch terminal is required for each machine. It has a universal RFID reader and two digital inputs for machine connection as standard.

Terminal, Shopfloor, Tablet, Produktion, FASTedge, MES, MES-Einstieg, FASTEC

FASTedge Box

Both the terminals and the machines are connected to the EdgeBox via LAN or WiFi. The cloud connection is made via your network or mobile communications. At least one EdgeBox is required. The system can later be moved to your own server.

Edgebox, MES-Einstieg, MES, Edge, Hardware, FASTEC, FASTedge

User

Personal users are required to report the collected data. The number of employees involved in data acquisition in your production does not matter.

Systems

Each line and machine in your production is licensed individually.

Thank You for Your Interest in FASTEC

Please confirm your data for the free download. After filling out this form, you can directly download our User Reports and Whitepapers.

  • This field is hidden when viewing the form
  • This field is hidden when viewing the form
  • * = Required Field
  • This field is hidden when viewing the form
  • This field is for validation purposes and should be left unchanged.