GDPR and why NerdCloud is compliant

9/7/2022

As more data is handled and stored, more and more governing authorities are putting legislation in place to protect their citizens. We know this well; NerdCloud takes quality and safety protocols very seriously, not because of legal compliance but because people and businesses expect and demand it. We deal with businesses all around the globe and take the utmost care to always comply with the unique privacy and security guidelines and laws of their respective countries.

One example of these laws is the GDPR (https://gdpr.eu/). We will not go further into what GDPR is, as you probably already know enough. Instead, we'll focus on how we comply with it and other similar regulations.

When NerdCloud develops software for your company, you never have to worry about us mishandling sensitive data. This is because of our process, which is designed to address security risks! Let's dive into the details of how we do that:

Fake or demo data

We use fake data for testing so that there is never any danger of data being mishandled or misused. No matter which developers are working for you, no matter where they or you are located, no matter what type of software it is, we never use real data.

We need to know the database schema or data structure so that we can generate data similar to that in the production environment. Googling "fake data generator" gives results like https://www.mockaroo.com/ or https://www.tonic.ai/, which are examples of services created to generate demo data.

NerdCloud delivers projects for all kinds of businesses, including companies in the banking sector, without any problems with privacy or GDPR regulations. We can develop and test functionality with fake data that has the same structure as the real data will have.

Development vs production environments

We always use local and staging environments for development, and the core team can see every change in the repository and approve it (as an MR or PR). When the code is ready, it is transferred to the production environment by the core team, and only the core team can work with GDPR-protected data. Therefore, the only thing that you have to worry about is that your own organization is GDPR-compliant.

Risk management and responsibility

NerdCloud runs a Software Development as a Service platform business, which means that our developers can be from all over the world. Our internal processes and agreements are very strict, and security audits can be performed on NerdCloud project managers and staff, but as we run a platform business similar to cloud services, the same audits are not suitable at the platform level.

We take full responsibility for the code we deliver and have an audit trail for all code and commits, with strict internal tests to ensure no hostile code is put in there. The core team also sees every change in the code repository, and their responsibility is to approve them, so nothing is done in a black box. On top of that, as we do not have access to the production environment or the real data, the risk of working with us is theoretical.

So now you know that working with us is a breeze. You’ll achieve your goals so much faster with our fully managed tech resources that are 100% GDPR-compliant. Why not give NerdCloud a try? With our flexible monthly plan, you get a truly elastic solution that’s entirely tailored by you. 

If you’d like to know more about quality control, click here. For answers to some of our most frequently asked questions, click here. If you’d like to get in touch with us, please click here.