What personal data does Holm Security process?

Business-related data

Holm Security stores information used for common business purposes (like company name, contact person, contact email, and contact phone). This does not require any specific agreement according to GDPR.


Starting from May 2018 newsletters are only sent to existing customers, who thought default terms and conditions, comply with receiving newsletters. To unsubscribe from the newsletter please use unsubscribe link at the bottom of the newsletter.

Holm Security VMP

There are two types of personal data that is could be processed on our platform. This is specifically described in the Data Processing Agreement for each country.

  1. Web Application Scanning
    The product Web Application Scanning scans for exposed personal data on websites, like personal IDs. Found personal data is presented in Security Center and stored in the platform.
  1. Phishing & Awareness Training
    The product Phishing & Awareness Training requires that personal email addresses be imported to Security Center and stored on the platform. These email addresses are used for simulating email attacks. Personal names can be imported or entered manually into Security Center to be used in the simulations.  

Encrypted data storage

Data storage for personal data is encrypted. 

Location of data

Data for customers within Europe is stored in the EEA region.


Holm Security doesn't have any subcontractors that process end customers' personal data.

Have more questions? Submit a request


Please sign in to leave a comment.