Protecting Your Customer Data

Tealium gives you the tools, infrastructure, and practices to be confident your data is protected by the most stringent requirements. From the beginning, data security and privacy have been at the forefront of our development strategy. In addition to building tools to safeguard your data at a foundational level, Tealium provides the infrastructure and data management practices to supply customers with unparalleled data security.

Consent Management

Whether you have a consent management platform or not, Tealium’s flexible consent capture, enforcement, and integration tools, help you protect your users’ privacy, and honor their consent preferences. Tealium’s consent enforcement framework detects any opt-out cookie and the Global Privacy Control (GPC) signal to further improve data volume and quality.

Encryption

Tealium encrypts data both at rest and in transit, using common, well-understood ciphers.

Restricted Data Flags

Control the flow of data at a foundational level with tools supplying visibility over data flow and the capability to restrict the distribution of identified information.

Private Cloud

Some organizations may prefer a single tenant solution. Tealium offers a private cloud for such customers.

Data Recovery

Tealium operates at extremely large scale and with very big data sets. We have developed a resilient data solution, helping to ensure data availability and fast recovery.

Data Privacy and Usage

You’re in the driver’s seat when it comes to defining how your data is processed. Tealium will only process your data according to your instructions. Tealium is committed to the principles of privacy by design in our products and services.

Data Ownership

Your data is yours. Data is retained and available to you for the full time period agreed by you. This time period can be adjusted based on your needs.

Geo-based Management

Tealium supplies tools to manage data flow based on geography to help clients comply with standards and industry regulations that vary from region to region, like GDPR.

Global Data Centers

Tealium offers data centers in several regions globally, and is constantly expanding its footprint of data centers. Customers can choose their hosting location based on their requirements. Tealium applies the same security and privacy standards to your data regardless of the hosting location.

Privacy by Design

Tealium is committed to the principles of Privacy by Design. Tealium provides services that make it possible for its clients to create a world where they unify their data to intelligently engage and delight customers while still living by the principle of Privacy by Design.

Tag Management

The static content delivered from Tealium iQ, including the domain tiqcdn.com, does not collect or store any visitor data or device identifiers.

Customer Data Hub

Tealium’s Customer Data Hub (“CDH”) services may be used to process any data transmitted by customers to the services, including personal data. Tealium will only process data in the CDH according to customers’ instructions.

Address a Wide Range of Regulations and Standards

Tealium has extensive experience partnering with customers to assist on compliance efforts for a diverse array of industry regulations.

European Union GDPR
Cloud Security Alliance (CSA)
California Consumer Privacy Act

Data privacy laws and regulations are constantly being implemented and enforced by governments globally. Tealium provides its products and services in a manner that allows customers to meet their obligations as a data controller or business under applicable laws and regulations. The Tealium Customer Data Hub is an ideal place to manage your 1st party data and consent to meet such requirements.

Tealium partners with clients on CSA compliance needs leveraging the secure AWS infrastructure.

California Consumer Privacy Act

CCPA protects the personal information of Californians and gives consumers the right to control if and how companies collect, use, and store their personal data. Get the full overview on what you should know about CCPA and how Tealium can help here.

Assessment of Compliance

Tealium underwent an independent third party assessment of our compliance.

HIPAA & HITECH
ISO/IEC 27001:2013
ISO/IEC 27701:2019
ISO/IEC 27018

Tealium offers a dedicated HIPAA multi-tenant or private cloud solution that satisfies the requirements of the HIPAA security rules.

ISO 27001 is a globally recognized standard that outlines the best practices for an information security management system (ISMS). By adhering to this standard, Tealium is able to secure information assets, enhancing customer and stakeholder trust. Implementing ISO 27001 demonstrates Tealium’s commitment to a systematic and ongoing approach to managing customer data.

ISO 27701:2019 Certification

Tealium is committed to upholding the highest standards of data privacy and security, as evidenced by our certification under ISO 27701. This standard provides a comprehensive framework for managing personal data securely and efficiently, enhancing our capabilities in implementing, maintaining, and continuously improving our Privacy Information Management System (PIMS). By adhering to ISO 27701, Tealium demonstrates a commitment to data privacy, and builds trust with our customers through responsible data governance.

Tealium is certified under ISO 27018, a leading international standard focused on protecting personal data in the cloud. This certification demonstrates our commitment to implementing robust security measures for cloud-based data processing and maintaining high privacy standards. By embracing ISO 27018, Tealium demonstrates that personal data is handled with the utmost care and in compliance with privacy principles, thereby enhancing trust with our customers and fortifying our reputation as a reliable partner in the data-driven digital landscape. Our compliance with ISO 27018 affirms our dedication to secure and private cloud services.

Certifications

Tealium has achieved the following 3rd party security and privacy certifications.

SSAE18 SOC2 Type II
TISAX
TX-RAMP
AICPA SOC2

At Tealium, we are proud to maintain compliance with AICPA SOC 2, a rigorous auditing standard designed to ensure the security, availability, processing integrity, confidentiality, and privacy of customer data. This compliance underscores our ongoing commitment to high operational standards and robust security practices. By meeting SOC 2 requirements, Tealium not only demonstrates our dedication to safeguarding customer data but also reinforces our credibility as a trusted partner in the SaaS industry. Our SOC 2 compliance is integral to our promise of delivering secure and reliable service in all our customer engagement

Tealium is aligned with TISAX (Trusted Information Security Assessment Exchange), a standard tailored for the automotive industry, emphasizing information security and data protection. By adhering to TISAX standards, we ensure that our data handling practices meet the rigorous requirements specific to the automotive sector, enhancing trust among stakeholders and partners. TISAX compliance reflects our commitment to maintaining the highest levels of security and confidentiality, crucial for partnerships in the automotive industry. This certification establishes Tealium as a dependable entity capable of managing customer data in a complex and demanding industrial environment.

Tealium adheres to the standards of the Texas Risk and Authorization Management Program (TX-RAMP), underscoring our commitment to providing secure and reliable cloud solutions that meet the specific requirements of Texas state agencies. By achieving this certification, Tealium affirms its role as a trusted provider, equipped to handle the complex needs of Texas state agencies with utmost integrity and compliance. This aligns with our ongoing effort to deliver top-tier, secure services across all sectors, including the public domain.