Protecting Your Customer Data
Tealium gives you the tools, infrastructure, and practices to be confident your data is protected by the most stringent requirements.
From the beginning, data security and customer privacy have been at the forefront of our development strategy. In addition to building tools to safeguard your data at a foundational level, Tealium provides the infrastructure and data management practices to supply customers with unparalleled data security.
Data Security and Privacy Tools
Tealium provides a wide array of tools, product features, and complementary services to ensure customer privacy and a secure data foundation.
Consent and Privacy Manager
Easily offer opt-in or opt-out choices to
customers, providing control over which third-party vendors and data usage those customers want to allow.
Encryption
We enable encryption of data both at rest and in transit. Tealium encryption policy requires the use of common, well-understood ciphers including AES 256, Triple DES, SHA 256 (preferably with salt) and SSL/TLS 1.2 or stronger.
Restricted Data Flags
Control the flow of data at a foundational level with tools supplying visibility over data flow and the capability to restrict the distribution of identified information.
Private Cloud
For organizations that need to comply with the privacy and security rules under regulations like HIPAA. Single tenant solutions are offered with extended data security to comply with these standards, however, private cloud is not intended to be a repository of Health Records.
Data Recovery
Tealium operates at extremely large scale and with very big data sets. We have developed a hardened data storage solution that ensures that data is always available and, in the rare case data needs to be recovered, can be recovered from an online backup quickly.
Data Privacy and Usage
Your data and your customer’s data are not accessed or used without explicit permission. You’re in the driver’s seat when it comes to defining how your data is processed. Tealium will only process your data according to your instructions.
Data Ownership
Your data is yours. Data is retained and available to you for the full time period agreed by you. This time period can be adjusted based on your needs.
Geo-based Management
Tealium supplies tools to manage data flow based on geography to help clients comply with standards and industry regulations that vary from region to region, like GDPR.
Global Data Centers
With a growing global footprint of data centers, Tealium can manage data across the world securely and discretely.
Address a Wide Range of Regulations and Standards
Tealium has extensive experience partnering with customers to assist on compliance efforts for a diverse array of industry regulations.
European Union GDPR
As a GDPR-compliant data processor supplying data to your marketing technology ecosystem, the Tealium Universal Data Hub is an ideal place to manage your 1st party data and consent for GDPR.
ePrivacy Directive
In addition to GDPR requirements, the ePrivacy Directive focuses on how data can be processed and how the data subject may be interacted with, both which can be addressed by the Tealium Universal Data Hub.
Health Information (HIPAA)
Tealium offers a single tenant, private cloud hosting solution with data secured to HIPAA standards but not intended to be a repository of Health Records.
Payment Card Industry (PCI)
Tealium offers a single tenant, private cloud hosting solution with data secured to PCI standards but not intended to be a repository of Cardholder data.
Cloud Security Alliance (CSA)
Tealium partners with clients on CSA compliance needs leveraging the secure AWS infrastructure.
California Consumer Privacy Act
Scheduled for January 1, 2020, CCPA regulates personal information collection and data usage by businesses. Tealium is actively monitoring developments and is committed to addressing CCPA compliance.
Certifications
Tealium has achieved the following 3rd party security and privacy certifications.
SSAE18 SOC 2 Type I & II
3rd party audit shows Tealium’s demonstrable commitment to and practice of security, availability, processing integrity and confidentiality principles.
Privacy Shield
An active participant in EU-US Privacy Shield Framework to comply with data protection requirements when transferring personal data from the EU to the US. Tealium is also Swiss-US Privacy Shield certified.
HIPAA & HITECH
Industry’s first cloud-based customer data and tag management solution to achieve an attestation of compliance with HIPAA security and privacy rules.
ISO/IEC 27001:2013
This standard creates a model for an information security management system and the protection of personally identifiable information (PII).
ISO/IEC 27018:2014
Tealium is also compliant with the ISO 27018 standard, which is an extension to 27001, specifically focused on Public Cloud computing environments.
Constant Monitoring
Tealium is committed to providing security with ongoing and constant monitoring.
System Status
Tealium continuously monitors our uptime and makes our system status publicly available.
Defense In Depth Approach
Tealium focuses on building a highly available, fault-tolerant platform that protects the privacy and integrity of our customer’s data. Each day, new security vulnerabilities and attack vectors are emerging and Tealium strives to keep ahead of attackers by working with security researchers, industry experts, and our customers. Tealium’s platform is monitored through automated and manual testing, both internally and by 3rd party cyber security organizations.
Resources
Get more information on security and privacy best practices and how Tealium’s Universal Data Hub can help.
Need More Info or Help? Have Questions?
Tealium’s solution consultants are knowledgeable and ready to help you strategize your unified data strategy incorporating mobile, along all other data sources.
