lock_blue_outline_01

Protecting Your Customer Data

Tealium gives you the tools, infrastructure, and practices to be confident your data is protected by the most stringent requirements.

From the beginning, data security and customer privacy have been at the forefront of our development strategy. In addition to building tools to safeguard your data at a foundational level, Tealium provides the infrastructure and data management practices to supply customers with unparalleled data security.

Tools
Regulations
Certifications
Monitoring
Resources
Get in Touch

Data Security and Privacy Tools

Tealium provides a wide array of tools, product features, and complementary services to ensure customer privacy and a secure data foundation.

Consent and Privacy Manager

Easily offer opt-in or opt-out choices to
customers, providing control over which third-party vendors and data usage those customers want to allow.

Encryption

We enable encryption of data both at rest and in transit. Tealium encryption policy requires the use of common, well-understood ciphers including AES 256, Triple DES, SHA 256 (preferably with salt) and SSL/TLS 1.2 or stronger.

Restricted Data Flags

Control the flow of data at a foundational level with tools supplying visibility over data flow and the capability to restrict the distribution of identified information.

Private Cloud

For organizations that need to comply with the privacy and security rules under regulations like HIPAA. Single tenant solutions are offered with extended data security to comply with these standards, however, private cloud is not intended to be a repository of Health Records.

Data Recovery

Tealium operates at extremely large scale and with very big data sets. We have developed a hardened data storage solution that ensures that data is always available and, in the rare case data needs to be recovered, can be recovered from an online backup quickly.

Data Privacy and Usage

Your data and your customer’s data are not accessed or used without explicit permission. You’re in the driver’s seat when it comes to defining how your data is processed.  Tealium will only process your data according to your instructions.

Data Ownership

Your data is yours. Data is retained and available to you for the full time period agreed by you. This time period can be adjusted based on your needs.

Geo-based Management

Tealium supplies tools to manage data flow based on geography to help clients comply with standards and industry regulations that vary from region to region, like GDPR.

Global Data Centers

With a growing global footprint of data centers, Tealium can manage data across the world securely and discretely.

Privacy by Design

Tealium is committed to the principles of Privacy by Design. Tealium provides services that make it possible for its clients to create a world where they unify their data to intelligently engage and delight customers while still living by the principle of Privacy by Design.

tiq_icon_blue_300x300

Tag Management

Tealium iQ Tag Management System does not process any personal data. The static content delivered from Tealium’s mCDN solution, including the domain tiqcdn.com, does not collect or store any visitor data, device identifiers or IP address. This service exists to serve static content files and does not collect or process user-specific data.

udh_icon_blue_300x300

Customer Data Hub

Tealium’s Customer Data Hub services may be used to process personal data. Tealium will only process data in the CDH according to the privacy and security commitments stated in this section.

Address a Wide Range of Regulations and Standards

Tealium has extensive experience partnering with customers to assist on compliance efforts for a diverse array of industry regulations.

eu

European Union GDPR

As a GDPR-compliant data processor supplying data to your marketing technology ecosystem, the Tealium Customer Data Hub is an ideal place to manage your 1st party data and consent for GDPR.

hipaa_02

Health Information (HIPAA)

Tealium offers a single tenant, private cloud hosting solution with data secured to HIPAA standards but not intended to be a repository of Health Records.

pci_02

Payment Card Industry (PCI)

Tealium offers a single tenant, private cloud hosting solution with data secured to PCI standards but not intended to be a repository of Cardholder data.

cloud-security-alliance

Cloud Security Alliance (CSA)

Tealium partners with clients on CSA compliance needs leveraging the secure AWS infrastructure.

ccpa

California Consumer Privacy Act

Scheduled for January 1, 2020, CCPA regulates personal information collection and data usage by businesses. Tealium is actively monitoring developments and is committed to addressing CCPA compliance.

Certifications

Tealium has achieved the following 3rd party security and privacy certifications.

image5

SSAE18 SOC 2 Type I & II

3rd party audit shows Tealium’s demonstrable commitment to and practice of security, availability, processing integrity and confidentiality principles.

image3

Privacy Shield

An active participant in EU-US Privacy Shield Framework to comply with data protection requirements when transferring personal data from the EU to the US. Tealium is also Swiss-US Privacy Shield certified.

hipaa_02

HIPAA & HITECH

Industry’s first cloud-based customer data and tag management solution to achieve an attestation of compliance with HIPAA security and privacy rules.

schellman_iso27001_seal_blue_cmyk_300dpi_jpg

ISO/IEC 27001:2013

This standard creates a model for an information security management system and the protection of personally identifiable information (PII).

schellman_iso27018_seal_blue_300dpi_jpg

ISO/IEC 27018:2014

Tealium is also compliant with the ISO 27018 standard, which is an extension to 27001, specifically focused on Public Cloud computing environments.

tcf_registered_vendor_01

IAB Europe

Tealium participates in the IAB Europe Transparency & Consent Framework and complies with its Specifications and Policies. Tealium’s identification number within the framework is 522.

veracode-verified-standard-1-1

Veracode Verified

Attestation of Tealium software security backed by Veracode’s industry-leading platform and programmatic approach, 10+ years’ experience, more than 65 trillion lines of code scanned and over 30 million flaws fixed.

Constant Monitoring

Tealium is committed to providing security with ongoing and constant monitoring.

eye

System Status

Tealium continuously monitors our uptime and makes our system status publicly available. 

sheild_check

Defense In Depth Approach

Tealium focuses on building a highly available, fault-tolerant platform that protects the privacy and integrity of our customer’s data. Each day, new security vulnerabilities and attack vectors are emerging and Tealium strives to keep ahead of attackers by working with security researchers, industry experts, and our customers. Tealium’s platform is monitored through automated and manual testing, both internally and by 3rd party cyber security organizations.

Resources

Get more information on security and privacy best practices and how Tealium’s Customer Data Hub can help.

READ MORE

VIDEOS

DOWNLOADS

Need More Info or Help? Have Questions?

Tealium’s solution consultants are knowledgeable and ready to help you strategize your unified data strategy incorporating mobile, along all other data sources.