support@blueberrycms.com / 800-528-0125

GDPR Employee Security Training

For our Security Awareness Training we utilize vendors whose curriculum are consistently ranked in the Top 10 on Gartner.com. We understand Employees are an organization’s first line of defense against threats; however, one of the greatest threats to Information Security frequently originates from within the organization itself. These ‘Inside Attacks’ have been noted to be some of the most dangerous, but it’s not always disgruntled workers and corporate spies who are a threat, more often, it is the non-malicious, well intentioned, uninformed employee. In the area of Security Awareness Training, continued reinforcement with measurable outcomes is critical. This includes annual employee training in respect to the proper classification and handling of personal information.

Security Awareness Training

A lack of transparency.

Well, you’ve done it. You’ve caught us in our first act of failing to be transparent. We will not be lifting the covers on our training curriculum, but we’re confident a little insight is okay. We draw upon multiple industry leaders in the Security space, our curriculum is ever evolving to ensure we incorporate events relevant to the current landscape and threat analysis. Security Awareness is part of our organizational culture, ‘Trust but Verify’, and we actively encourage personnel to participate and uphold our security awareness principles.

Our Security Awareness Training implementation is based upon an ‘Increasing Level of Risk’:

  • General Security Awareness. All Personnel.
  • Intermediate Security Awareness. Management, Decision Makers, Some Specialized Roles.
  • In-Depth Security Awareness. Specialized Roles, Subject Matter Experts and Some Management.

Employee Data Access

Your information is only accessible by BlueberryCMS employees, and this access is only given to employees relevant to their respective role. For instance, a DBA would have access to our database instances so that she may perform routine maintenance, production support, performance tuning, backup/recovery and disaster recovery work. Providing systems-level access to our Technical SMEs is required to ensure we continue to provide performant and dependable services to you and your clients. We perform annual access reviews to ensure that your personal information is only accessible by appropriately trained staff who have a need relevant to their organizational role, and who participate in annual training providing instruction on the handling of personally identifiable information.

Who else has access to your information?

Absolutely Nobody. We do not sell, lease, trade or distribute your information with anyone, and your information is never shared with any third parties for any purposes whatsoever. Including:

  • Business Partners. We do not share your personal information with business partners, BlueberryCMS is fully self-contained and solely provides all of the services we offer you.
  • Service Providers. We do not employ third party companies or individuals to facilitate our Services, to provide a Service on our behalf, to assist us in analyzing how our Services are used, or to perform services related to the administration of the Services or any Sites.
  • Affiliates and Partners. We do not provide your personal information to our affiliates or partners, even if you have an online or offline relationship with one of our affiliates or partners.
  • Marketing Partners. We do not share your personal information for communicating targeted advertising and promotional materials.

If you made it this far

This whole “by Design” thing is, well, by Design. It will be interesting to watch industry developments as more countries join the steps the EU have taken. BlueberryCMS does not have any jurisdictional boundaries baked-into any design element. Everyone’s personal information, whether you fall under EU GDPR jurisdiction or not, is treated with the same level of security controls, and when other countries begin to follow the EU’s lead in implementing a comprehensive set of privacy regulations, like the U.S. is considering, we’ll be ready to accommodate them too.

You and your data are important to us. Your confidence in our ability to provide a performant, highly available and secure service is key to our success. Learn more about GDPR by Design with these related posts.


Join our adventure to make a better website platform.

Unlike other providers, we don't require you to pay a fee to create an agency account. Sign up for FREE today!



Step 1
Sign Up

Create your agency account.

Step 2
Confirm Account

Respond to the set up email.

Step 3
Get To Work

Start designing websites.

Start Your Free Account!