Security

Introduction

Puzzel has offered cloud solutions for 20 years. Over the years, we have established policies, processes, methods, technologies and embraced proven standards to meet our Customers availability and security requirements.

It is important to Puzzel to be recognized as a trusted partner for all Customers. Puzzel has implemented and will maintain appropriate technical and organizational measures intended to protect Customer Data against accidental loss, destruction, or alteration; unauthorized disclosure or access; or unlawful destruction.

The nature of threats is constantly changing; thus, security is a natural part of Puzzel’s development and operational processes.

This document is a high-level overview of Puzzel’s technical and organizational measures and controls implemented to protect Personal Data and ensure the ongoing confidentiality, integrity and availability of Puzzel Contact Centre Services.

Puzzel may change these measures from time to time. As a result, individual measures may be replaced by new measures that serve the same purpose or deal with the same risks without materially diminishing the security level.

Definitions

Within this document, the following definitions apply:

  • Customer means any purchaser of the Puzzel Contact Centre Services
  • Customer Data means any information provided or submitted by the Customer or Customers’ End User in the creation, use, participation or reporting of the Puzzel Contact Centre Services that Puzzel processes on behalf of the Customer
  • The Puzzel Contact Centre “PCC means the Contact-Centre-as-a-Service “CCaaS” provided by Puzzel to the Customer
  • Personal Data means any information provided or submitted by the Customer or End User in the creation, use, participation or reporting of the Puzzel Contact Centre Services relating to any identified or identifiable natural person that Puzzel processes on behalf of the Customer
  • Personnel means Puzzel employees and authorized individual contractors
  • Puzzel or Puzzel Group means Puzzel AS and its subsidiaries. When Puzzel Personnel or systems are referred to, this includes Puzzel AS and all its subsidiaries
  • Information Security Management System “ISMS” is a set of policies and procedures for systematically managing an organization’s sensitive data. The goal of an ISMS is to minimize risk and ensure business continuity by pro-actively limiting the impact of a security breach.
  • ISO/IEC 27001:2013 is an international standard that specifies the requirements for establishing, implementing, maintaining and continually improving an ISMS including the assessment and treatment of information security risks.
  • Board of Management “BoM” means senior management in Puzzel
  • Controller is the entity that determines the purposes and means of the processing of Personal Data. The Customer is the Controller and Puzzel the Processor.
  • Processor is the entity that process Personal Data on behalf of the Controller. Puzzel process Personal Data on behalf of its Customers.
  • Sub-Processor is third-party entity engaged by Puzzel to deliver/process specific parts of, or extensions to, the Puzzel Contact Centre. A Sub-Processor will process Personal Data.
  • Subcontractor is a person or a business that is engaged by Puzzel to support specific parts of, or extensions to, the Puzzel Contact Centre. A Subcontractor does not process Customer Data
  • Service or Services means services delivered by Puzzel
  • Data subject is any person whose personal data is being collected, held or processed
  • End User means a data subject contacting and communicating through one of the Services provided by Puzzel