How we comply with the General Data Protection Regulation.

GDPR compliant

Mercell has a wide range of security controls that secure the compliance of the EU GDPR directives, concerning privacy for any individuals inside our portal.

Security controls

Most of the security controls are managed and integrated with our ISO 27001 processes, whilst others have been governed through policies, agreements and new processes being communicated and implemented. We have also made several changes to our portal to support the portals data controllers, so they can easier carry out their GDPR obligations.

Availability, integrity, confidentiality, privacy, cecure processing

Mercell has implemented the appropriate security controls to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services, including the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident. Furthermore are there implemented processes for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures, for ensuring the overall security of the processing.

Privacy principles

All principles have been included into existing ISO 27001 processes, to assure relevant compliance within our existing processes.

User rights

All relevant user rights are the responsibility of the data controllers, and all users must therefore approach their user administrator, or their local DPO – Data Protection Officer, to request registration and fulfillment of their user rights. Mercell has improved several of these processes, making it easier for the data controllers to comply with their obligations.

Privacy policy and terms and conditions

Our Privacy policy follows the guidelines from the EU GDPR and explains how the personal information is being used in the portal.

Protocols and standardized data processing agreement

For protocols, there are implemented logs that log all incoming privacy requests, the processing events, and the privacy breach notifications. Mercell has developed their own standard data processing agreement together with some larger customers, whilst still securing that it can be appropriate for almost all of our portal customers.

Mercell Holding AS

Part of the Mercell Group, one of Europe’s leading providers of e tender systems and information between buyers and suppliers in the professional market.

Contact us

Write to us

+47 21 01 88 00