DATA PROTECTION AT “CLIMBING THE RIGHT TREE”

Our foundation highly values professional quality and for us, compliance with GDPR legislation is a standard that we follow not only for our own operations in the Netherlands, but also for all our partners worldwide.

  • We have an international privacy policy and we request all our country offices and collection points worldwide to comply. You can find the text HERE as well as on our international partnerwebsite of Maxim Nyansa IT Solutions Foundation.

  • Early 2022 we have done a professional information security risk analysis on our worldwide business processes, according to ISO 27001, followed by various measures to mitigate some of the risks but without doing the formal certification for reasons of cost effectiveness. Our own information security volunteers have done this for us.

  • We check volunteers prior to joining us and require a “ Verklaring omtrent gedrag” from the Dutch justice agency.

  • Our headquarters in Veenendaal have an alarm system and permanent camera surveillance. Also we check collection points in the country for security.

  • We are always obliged to remove all data from equipment before shipping it to a location outside the EU.

  • Note, that some companies decide to remove hard disks and destroy them, or only donate monitors and keyboards to us. That is not necessary, we prefer to use a safe way to erase all information and leave clear evidence of that action, and give these machines a second life in an African school. We hope that this information shows that your computers are in good hands with us.

  • We always advise our donors to remove data from equipment before it exits their organization, in particular when they are responsible for a medical or financial institution, or when they are ISO or NEN certified. Simply because of your own responsibility for data protection!

    Note that we do not have ISO or NEN certifications, as they are very expensive, and your ISO auditor may not agree if the cleaning is done by a non-ISO party.

  • Regardless your policy and practices, we always professionally clean all equipment upon arrival with an open source software called DBAN. After the cleaning process, our “Eraser” volunteers use the inventory system to change the status of the item to “Data cleaned” which automatically sends the donor a cleaning report for his/her administration. DBAN cleans the memory of a computer deeply (this takes about 5 hours) preventing any type of data recovery. This includes removal of the operating system.

  • In some cases, DBAN is not sufficient, either because some new models of computers have SSD memory OR because you as a donor have special wishes regarding the data cleaning process. Usually this involves software such as BLANCCO which comes with a cost per computer. Depending on your specific wishes we will discuss the best option with you.