Privacy statement

We believe it is extremely important that your data is handled properly. That’s why we explain here why and which data we collect, as well as what you can do if you disagree with it. We’ve tried to keep this as simple as possible. We always treat your data with strict confidentiality—that’s the most important thing you will read here.

How We Secure Our Information

As mentioned, we consider information security extremely important because our software enables customers to operate in compliance with the GDPR (General Data Protection Regulation). To ensure the security of our information, we are ISO 27001 and NEN 7510 certified and also hold a SOC 2 report. Our software and your data are hosted in physical data centers in the Netherlands. Naturally, these data centers also meet the highest security standards.

Information security is a core element of our services and operations. Therefore, we work according to the following principles:

• We ensure that personal data is not unnecessarily or undesirably accessible.
• We consider safeguarding stored personal data a top priority.
• We continuously test and evaluate our security and privacy measures.
• We fully support users of our systems and encourage them to handle personal data appropriately, in order to optimally safeguard confidentiality and integrity.
• We only carry out instructions from the data controller if they are legally permitted.
• We are always transparent about our processes and the functioning of our software.
• We never use personal data for purposes other than the explicit wishes and instructions of the data controller.
• We process personal data only when there is a legal basis to do so.

Security & Privacy Controls

Security & Privacy Controls - Otherside Software B.V, issue date March 6th, 2026 ((on request available, send email to Customer Success office).

ISO 27001

ISO/IEC 27001 certificate, issue date July 22th, 2025 (download).

SOC 2

SOC 2 assurance report, issue data February 13th, 2025 (on request available, send email to Customer Success office).

NEN 7510

NEN 7510 certificate, issue date June 2nd, 2025 (download).

Penatration Test

PEN test, last external test December 15th, 2025 (on request available, send email to Customer Success office).

Service Level Agreement

SLA version 6.1, issue date December 1st, 2025 (download).

Data Protection Officer and privacy & security team

Otherside has put in place a Data Protection Officer and a privacy & security team. This privacy & security team consists of representatives from all parts of the organisation who potentially come into contact with customer data (consultants, support, IT management). In this consultation, all ongoing improvement actions, incidents and risk analyses are discussed, thus ensuring an integral monitoring of the security. The Data Protection Officer has been appointed to supplement the impact in this consultation of improvement actions, incidents and risk analyses with consequences for data subjects. 

To report a security incident or data breach as a CUSTOMER to Otherside at Work

In addition, the data protection officer (DPO) and/or de information security officer (ISO) of Otherside at Work.

Data subjects contact

Otherside has set up a contact point for the data subjects which they can turn to with their questions. The basic rule is that a controller (i.e. the customer of Otherside) must communicate with the data subjects. But if this is not possible, Otherside wants to be accessible to data subjects and support them where possible in resolving any problems. Otherside can be reached by data subjects via: