For customers who are subject to the requirements of the Health Insurance Portability and Accountability Act (known as HIPAA, as amended, including by the Health Information Technology for Economic and Clinical Health — HITECH — Act), we urge you to use the OFFLINE version of PDF Mail Merger. Only the offline version is HIPAA compliant! Because the offline version processes all data locally on your computer only, we are not considered a Business Associate. Therefore you do not need a Business Associate Agreement with us.
The ONLINE version of PDF Mail Merger is not HIPAA compliant. You agree not to upload any health information, criminal conviction or felony data, social security numbers, or bank card numbers to the online version of PDF Mail Merger.
Data Safety in general
Your data is safe with us. We ensure this with the highest standards.
Our customers entrust us with sensitive data. We are aware of this responsibility. The topic of IT security and data protection has therefore been our top priority right from the start.
We are constantly developing our data protection processes so that your data is safe with us. For example, we have deliberately chosen Germany as our server location – so our service providers are also bound by its strict data protection laws. PDF Mail Merger does not and will never sell any of your data to third parties.
In addition, our hosting provider undergoes several independent third-party audits on a regular basis to provide customers with external verification. This means that an independent auditor has examined the controls present in its data centers, infrastructure and operations. It has annual audits for the following standards:
- SSAE16 / ISAE 3402 Type II
- ISO 27001
- ISO 27017
- ISO 27018
- FedRAMP ATO
- PCI DSS v3.2.1