Information Security Policy

V2.0 – 10-03-2023

  1. Introduction

    This document aims to answer the most frequently asked questions regarding Data Share Port’s Information Security Policy. Capitalized terms used in this Information Security Policy and not separately defined shall have the respective meanings ascribed in the Customer Specific Agreement.

  2. Data Centers

    Data Share Port’s goal is to enable you to share your information through API’s. For most use cases Data Share Port collects your Data, stores it and indexes it. At all times do you, the Data Provider, keep full ownership over your Data. Protecting your Data and the Data of your customers is extremely important to us.
    If this document does not answer your questions and you require more in-depth information about Data Share Port’s Information Security Policy, please do not hesitate to contact us via https://nxtport-international.zendesk.com  or email ([email protected]).

    The NxtPort platform runs on the Microsoft Azure Cloud platform and therefore in Microsoft’s data centres. Microsoft cloud services are audited at least annually against SOC 1 (SSAE18, ISAE 3402) and SOC 2 (AT Section 101) standards. More information is available on The Microsoft website.
    The Data Share Port platform only deploys services on (Tier 4) Microsoft Azure data centres in West Europe.

  3. Misuse

    Data Share Port aims to be at the forefront of compliance and delivery. Live data can never be accessed by anonymous parties. A Data User can access Data only if granted that access by the Data Provider. Additionally, Data Share Port closely checks API usage and, if detecting an account with indications of suspicious activity, takes immediate action as appropriate for the specific case, such as suspension of access, contacting the Subscriber and/or contacting the Data Provider.

  4. Application Security

    Data Share Port fully understands the importance of that software security. In addition to continuously scanning its code for vulnerabilities, Data Share Port also:

    • Securely transfers all your Data and encrypts it at rest;
    • Is planning an independent penetration test in 2023, to be repeated annually;
    • Is ISO 27001 and 27002 certified.

    If you identify a vulnerability in a Data Share Port site or service, you can place it to us via https://nxtport-international.zendesk.com  or email ([email protected]).

  5. Operational Security

    Access to Data Share Port systems and your Data is restricted only to those who need access to provide you with maximum support. Data Share Port maintains a strict separation between its development, test, and production environments.
    With its employees, contractors, and vendors working on its behalf, Data Share Port has in place:

    • Signed confidentiality agreements;
    • Termination/access removal processes;
    • Acceptable use agreements.

    Security is the responsibility of everyone who works for NxtPort. Data Share Port trains its employees to identify security risks and empowers them to take action to prevent bad things from happening.

  6. Business Continuity/Disaster Recovery

    By deploying its platform to the Microsoft Azure Cloud platform, which has redundant and geographically separate data centres, Data Share Port can provide you with consistent services. All service layers (ingestion, storage, processing, API management and identity management) are deployed with redundancy to allow for quick recovery in case a single data centre goes down.

  7. Privacy

    You can review the Data Share Port privacy policy, but let us already state very clearly that we are committed to the confidentiality of your Data.