
Dear visitor,
Dear member of the Belgian Resuscitation Council,

Your privacy on www.brc-rea.be is key. Therefore we work with DATA443 RISK MITIGATION to be compliant with the European General Data Protection rules.

PRIVACY :

Belgian Resuscitation Council will never share your personal data with third parties.

Personal data you entered in an online communication form will not be stored in our database and will only be used between the stakeholders.

IP addresses and browser information will be stored in our database, but only for reasons of security and limited to one month.

GDPR has a few things to say about the security of processing personal data:

Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, the controller and the processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate:

  1. the pseudonymisation and encryption of personal data;
  2. the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
  3. the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
  4. a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.

On this page you can:

  • check or export the (personal) data we store about you in our database (non-invasive action)
  • use your right ‘to be forgotten’ or pseudonymise/delete your data (watch out, INVASIVE ACTION: you will not be able to log in again)

Furthermore, we actively protect our online environment with an application firewall with automatic hourly rule updates that can hook, scan, sanitise or reject any HTTP/HTTPS request sent to a PHP script before it reaches www.brc-rea.be. Even encoded PHP scripts, hackers' shell scripts and backdoors will be filtered at firewall level.

A ‘brute-force-attack’ appliance is in place to prevent www.brc-rea.be from being hacked. A scheduled daily backup enables us to restore the availability of data and access.

 

BRC-REA.be uses an SSL certificate (https:// instead of http://).

When a browser attempts to access a website that is secured by SSL, the browser and the web server establish an SSL connection using a process called an “SSL Handshake” (see the steps below). Note that the SSL Handshake is invisible to the user and happens instantaneously.

Essentially, three keys are used to set up the SSL connection: the public, private, and session keys. Anything encrypted with the public key can only be decrypted with the private key, and vice versa.

Because encrypting and decrypting with the private and public keys takes a lot of processing power, they are only used during the SSL Handshake to create a symmetric session key. After the secure connection is made, the session key is used to encrypt all transmitted data.

    1. Browser connects to a web server (website) secured with SSL (https). Browser requests that the server identify itself.
    2. Server sends a copy of its SSL Certificate, including the server’s public key.
    3. Browser checks the certificate root against a list of trusted CAs and that the certificate is unexpired, unrevoked, and that its common name is valid for the website that it is connecting to. If the browser trusts the certificate, it creates, encrypts, and sends back a symmetric session key using the server’s public key.
    4. Server decrypts the symmetric session key using its private key and sends back an acknowledgement encrypted with the session key to start the encrypted session.
    5. Server and Browser now encrypt all transmitted data with the session key.

 

BRC-REA.be is also HTTP/2 enabled

HTTP/2 is the first major HTTP protocol update since 1997 when HTTP/1.1 was first published by the IETF. The new HTTP protocol is needed to keep up with the exponential growth of the web. The successor of HTTP/1.1 brings significant improvement in efficiency, speed and security and is supported by most modern web browsers. A list of browsers that support HTTP/2 can be found on caniuse.com.

  • HTTP/2 is binary, instead of textual.
  • It is fully multiplexed, sending multiple requests in parallel over a single TCP connection.
  • It uses HPACK header compression to reduce overhead.
  • It allows servers to “push” responses proactively into client caches instead of waiting for a new request for each resource.
  • It uses the new ALPN extension, which allows for faster encrypted connections since the application protocol is determined during the initial connection.
  • It reduces additional round trip times (RTT), making your website load faster without any optimization.
  • Domain sharding and asset concatenation are no longer needed with HTTP/2.

HTTP/2 introduces other improvements; for more details, see the HTTP/2 specification, RFC 7540.
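The browser-side checks from step 3 of the handshake and the ALPN negotiation mentioned above, written as a Python client check. This is an added example, not code from this site or its hosting provider; the function names, the TLS 1.2 minimum and the sample certificate are assumptions made for illustration.

```python
import calendar
import socket
import ssl
import time

def build_client_context():
    """Client settings that enforce the certificate checks of handshake step 3."""
    ctx = ssl.create_default_context()            # loads the system's trusted CA list
    ctx.verify_mode = ssl.CERT_REQUIRED           # chain must lead to a trusted root
    ctx.check_hostname = True                     # certificate name must match the host
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # assumption: refuse older versions
    ctx.set_alpn_protocols(["h2", "http/1.1"])    # offer HTTP/2 during the handshake
    return ctx

def days_until_expiry(cert, now):
    """Whole days between `now` (epoch seconds) and the certificate's notAfter."""
    return (ssl.cert_time_to_seconds(cert["notAfter"]) - int(now)) // 86400

def inspect_server(host, port=443, timeout=5.0):
    """Run the handshake against `host` and report what was negotiated.

    Raises ssl.SSLCertVerificationError when the certificate is untrusted,
    expired or issued for a different name. Needs network access.
    """
    ctx = build_client_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return {
                "protocol": tls.version(),            # e.g. "TLSv1.3"
                "cipher": tls.cipher()[0],            # symmetric cipher for the session
                "alpn": tls.selected_alpn_protocol(), # "h2" if HTTP/2 was agreed
                "days_left": days_until_expiry(tls.getpeercert(), time.time()),
            }

# Constructed sample in the shape getpeercert() returns (not a real certificate).
SAMPLE_CERT = {
    "subject": ((("commonName", "www.example.test"),),),
    "notAfter": "Jun  1 12:00:00 2030 GMT",
}
SAMPLE_NOW = calendar.timegm((2030, 5, 2, 12, 0, 0))  # 30 days before notAfter

if __name__ == "__main__":
    # Offline part only: expiry arithmetic on the constructed certificate.
    print("days left:", days_until_expiry(SAMPLE_CERT, SAMPLE_NOW))
```

Calling `inspect_server()` with a hostname you operate returns the negotiated protocol version, cipher, ALPN result and remaining certificate lifetime, which makes it usable as a scheduled expiry and configuration check.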

COOKIES :

BRC-REA.be does NOT USE any tracking cookies. The cookies we use are those that provide a better browsing experience (like remembering your username).

DATA INTEGRITY :

Data integrity is always the number one priority at System Administration! Our hosting provider must at all times be 100% sure that data stored is in perfect condition. To keep a close eye on this – and to be able to take action well before problems arise – they check our servers on a number of important points.

Hard disks
Are the disks showing signs of wear or failure? If a disk shows read or write errors, that does not have to be a problem. These are captured and corrected by the software. In addition, disks are duplicated. If a disk exceeds a certain quota of errors, chances are that it will fail shortly. In this case the disk is replaced preventively.

SSDs
Solid State Drives do not have the same usage pattern – and therefore wear patterns – as traditional disks. They do not have rotating parts, so mechanical wear is avoided. However, SSDs are subject to wear and tear as a result of overwriting data. For this reason, in addition to read and write errors, we also monitor the so-called wear-out levels.

Health of data storage
In addition to examining each component of the hardware separately, they also check the status of all these components together.

How can you, as a BRC member, check the personal data we keep about you in our database? Just fill in the e-mail address that is registered with your account. All related personal data we keep will be shown to you. You can also ask the DPO (Data Protection Officer) to pseudonymise your data. Once this action is taken, you will no longer be able to use the membership part of this website.

 

Please identify yourself via e-mail

 

 

____________________

In case you have any concern about your personal data, feel free to contact dpo@brc-rea.be