Privacy policy

We understand our responsibilities as the data processor. Our privacy policy ensures that you, the data controller, can fulfill your obligations to your data subjects. We have features in place that allow you to manage the retention and retrieval of data. We will never share your data with third parties and the only people authorized to access your data are selected OnceHub employees who require access in order to fulfill their job responsibilities. To uphold the onward transfer principle, any sub-processors we use are held up to our privacy standards. Our privacy policies and processes are continually monitored by the OnceHub privacy officer. See our Privacy Policy

Privacy by design

Privacy is our default mode of operation. We are committed to taking a proactive approach rather than a reactive one to ensure that privacy is never an afterthought. Privacy is a key consideration right from the early stages of the development lifecycle. We perform privacy risk and impact assessments for any new features that may potentially affect the data flow of our application. All employees undergo periodic privacy training to ensure they are able to identify privacy incidents and escalate them appropriately.

Privacy auditing

Our application is audited internally and externally on an ongoing basis to identify potential privacy flaws and exposures. Our Privacy Policy is compliant with the EU Privacy Shield Framework and Swiss Safe Harbor programs. We have also worked closely with VeraSafe to meet their privacy verification requirements.