Availability and Security
Artisan Global Media is a Swedish company with headquarters in Sweden. Our servers are located in Sweden and subject to Swedish law. We treat all data our customers enter with confidentiality, and we handle personal data according to GDPR, the General Data Protection Regulation.
Artisan develops the Artologik series and provides the software for installation on-premise and as a cloud solution. Our cloud solution is a SaaS service where Artisan operates and maintains the applications.
Both Artisan's operations and data centre are ISO 27001 certified, which means that our management system, processes and working methods meet the high global requirements for information security. Artisan promises to conduct systematic and risk-based information security work focusing on continuous improvement and compliance with applicable laws and requirements to achieve high levels of information security.
All employees have agreed to a confidentiality and non-disclosure agreement that prevents the dissemination of confidential information about customers and their business.
Country for processing information
Artisan handles all data in Sweden.
Hosting in Artisan’s data centre
Our environment is based on Microsoft Windows and Linux servers. All systems in the data centre are monitored 24 hours a day, allowing us to react quickly to disruptions. All devices classified as critical have redundancy.
Our SaaS service has a significantly high availability level and guarantees an availability rate of 99.9%.
Our servers are located in a data centre according to current standards. The data centre includes enhanced security and shell protection, fire protection, climate control systems and uninterrupted power. The servers are connected to redundant power sources, UPS and diesel engine generators as a backup in case of more extended power outages.
We have redundant capacity and fibre connections to ensure that our internet connection always works.
We continuously perform full backups on all systems. Backups are stored in separate physical locations.
Anonymisation and Sensitive Data Removal
Our systems are equipped with features designed to anonymize and remove Personally Identifiable Information / sensitive data. During the contract, the customer is responsible for managing and overseeing the handling of sensitive data within the systems. While our platform provides tools for anonymization and data removal, ultimate oversight and decision-making regarding data governance rest with the customer.
Authentication and encryption
We offer our customers high-speed access and an encryption certificate (https) for secure communication and data transfer.
Access to the services requires login with a username and password or alternative authentication via, e.g., SAML2 or OAuth.