Circit and its staff are governed by robust procedures and administrative controls which are certified to ISO 27001:2013.
The company’s information security policy sets out Circit’s commitment to preserving the confidentiality, integrity and availability of all the physical and electronic information assets within its Information Security Management System (ISMS) operated from its office in Dublin.
The ISMS is subject to continuous systematic review, improvement and regular re-certification audits.
Circit processes personal data in accordance the current data protection laws in Ireland. In addition, Circit’s commitment to data privacy is demonstrated by the additional steps taken to comply with the general data protection regulation (GDPR) which is due to come into force on the 25th May 2018.
By maintaining strict adherence to GDPR, Circit allows its customers to ensure their own compliance to the new regulation which has considerable implications beyond existing data protection laws.
Circit complies with International Standards on Auditing in the U.K. and Ireland for External confirmation requests.
Where e-signatures are used on the platform, Circit complies with the European Union Regulation eIDAS (EU No.910/2014) regarding electronic identification, signatures and documents.
Each signature on an audit request is affixed to that request and applied with an extended validation digital certificate which ensures the request document is immutable.
A certificate of completion is attached to the request with the digital certificate identifier and an audit trail to show who signed the request and when.
Circit creates a comprehensive transaction trail between signing parties including end-user information, timestamps, and IP addresses which are appended to each signature request.