As the leading provider of technology and services within payroll and HR in the Nordics, we want to ensure that our customers are always supported by safe, secure solutions. As information security is the utmost important element of all digital business, we want to ensure safe and secure processing of your data. We want to be your trusted partner and the security and privacy of your data is one of our top concerns.

We continuously look for ways to improve our product and platform performance and protect the privacy of your and your customers’ data and prevent it from unauthorized access at all time. Our compliance program is here to help meet your organization’s compliance needs and we rely on industry best practices to get you there.

We review and update security policies regularly, provide security training, perform application and network security testing, monitor compliance with security policies and conduct internal and external risk assessments.

Our goal is to help you understand our commitment to comply with applicable privacy legislation, including GDPR.  Aditro Trust & Privacy Trust Center provides you more information on our security and quality management.

Security, Privacy and Quality
You can trust your data with us.

Security Risk Management
Information security risks are part of Aditro’s risk management scope. Each organizational unit identifies security risks in their daily work, together with top-to-bottom risk management for high-level risks. The risks are managed in accordance with the ISO 31000 framework.

Security Training
We believe that skilled and trained employees are the first line of defense against financial fraud and phishing attempts. In addition to mandatory annual security training, Aditro offers training for technical tools and security best practices throughout the entire organization, at all locations.

Technical Security
Information security starts with architectural design. We first ensure that security can be guaranteed on a design level, and then using various technical solutions we establish layered security defense and monitoring to protect assets like customer data. Daily operations include various security checks, alarms and audits to ensure the designed security levels are maintained.

Read more in Aditro’s Global Security Policy

Public PGP key
Aditro Security public PGP key for vulnerability and security communications. View here >> 

Aditro recognizes the importance of Personal Data and of respecting the privacy rights of individuals. Due to the nature of our business almost all the data that we handle has its origin in the employment relationship between our customers and their employees. The data that follows from such a relationship can be sensitive and therefore deserves special care. Aditro is committed to integrating privacy in its products and services so that our customers are able to be compliant in using our offerings.

Read more from our Data Protection Policy

Aditro invests to the quality and compliance in its products and operations, to ensure customer satisfaction. Aditro Business Management System covers the whole Aditro Group (i.e all companies and Nordic premises), containing the controlled processes and documentation for:

  • Quality (e.g ISAE 3402 type II reporting)
  • Security (ISO 27001:2013)
  • Data Privacy (GDPR)
  • Environmental Management (ISO 14001:2013)
  • Risk management (ISO 31000:2015)
  • Business Continuity (ISO 22301:2012)

Together with the centralized management and reporting, each Aditro area ensures the compliance and regulative obligations are met.

Aditro’s core values are “Leading”, “Committed” and “People Centric”. Our aim is to be Leading and Committed also in environmental aspects by operating in compliance with requirements of ISO 14001. As a service and applications provider, Aditro’s major impact on the environment is set by actions and decisions made by people. Aditro as a company commits to a responsible way of conducting its own business operations and protect the environment.

We evaluate suppliers environmental impact (Our hosting partner Elisa commits to environmental responsibility and sustainability in their data center operations)
We aim to reduce our environmental impact in our operations
We aim to have our operations certified with ISO 14001

Read more from our Environmental policy.