Security and trust center
House of Control delivers business critical services to its customers.These trusted services are delivered in line with regulatory and best practice requirements.
Privacy policy
Data processor agreement
Complete Control SLA
Operational status
Subproviders, sub-processors and data locations
Software as a Service
House of Control’s services are delivered as Software as a Service (SaaS). Our trusted platform is built by embedding security throughout the software development and delivery life cycle. We follow rigorous operational security practices such as penetration testing, vulnerability assessments, and strong internal access controls.
Making our services secure is a key concern for us. House of Control has many customers with high security requirements in regulated industries, and as a supplier we are committed to complying with these requirements. The requirements we implement in our SaaS solution will therefore be available to all our customers.
Information Security Management System
House of Control manages privacy and security through a structured Information Security Management System (ISMS). When processing personal data on behalf of customers' users, House of Control acts as a data processor in accordance with the General Data Protection Regulation (GDPR). Our ISMS defines the systems, policies, processes, routines, and measures that ensure the confidentiality, integrity, and availability of our customers' data.
The Complete Control application is ISO 27001 certified, demonstrating our commitment to international best practices for information security management. Additionally, we have obtained an ISAE 3402 Type 2 attestation, which provides assurance of our internal controls over a defined period. These reports cover our ISMS and Data Processing Agreement (DPA) and are available to customers and their auditors for compliance verification.
The security organization is led by the CISO in House of Control.
In addition, House of Control has appointed a DPO (Data Privacy Officer), whose main responsibility is to ensure and strengthen our ability to comply with regulations for the processing of personal data. We conduct an annual audit program to maintain and improve the effectiveness of our ISMS, ensuring alignment with industry standards and best practices.
Operations and security
House of Control uses ITIL and controls from the ISO 27000 framework to ensure effective and efficient processes. These most important processes are:
- Business Continuity Management
- Access Control Management
- Change Management
- Event Management
- Request Management
- Incident Management
- Operations Management