
Protecting Your Customer Data
Tealium gives you the tools, infrastructure, and practices to be confident your data is protected by the most stringent requirements.
From the beginning, data security and customer privacy have been at the forefront of our development strategy. In addition to building tools to safeguard your data at a foundational level, Tealium provides the infrastructure and data management practices to supply customers with unparalleled data security.
Data Security and Privacy Tools
Tealium provides a wide array of tools, product features, and complementary services to ensure customer privacy and a secure data foundation.
Consent and Privacy Manager
Easily offer opt-in or opt-out choices to
customers, providing control over which third-party vendors and data usage those customers want to allow.
Encryption
We enable encryption of data both at rest and in transit. Tealium encryption policy requires the use of common, well-understood ciphers including AES 256, Triple DES, SHA 256 (preferably with salt) and SSL/TLS 1.2 or stronger.
Restricted Data Flags
Control the flow of data at a foundational level with tools supplying visibility over data flow and the capability to restrict the distribution of identified information.
Private Cloud
For organizations that need to comply with the privacy and security rules under regulations like HIPAA. Single tenant solutions are offered with extended data security to comply with these standards, however, private cloud is not intended to be a repository of Health Records.
Data Recovery
Tealium operates at extremely large scale and with very big data sets. We have developed a hardened data storage solution that ensures that data is always available and, in the rare case data needs to be recovered, can be recovered from an online backup quickly.
Data Privacy and Usage
Your data and your customer’s data are not accessed or used without explicit permission. You’re in the driver’s seat when it comes to defining how your data is processed. Tealium will only process your data according to your instructions.
Data Ownership
Your data is yours. Data is retained and available to you for the full time period agreed by you. This time period can be adjusted based on your needs.
Geo-based Management
Tealium supplies tools to manage data flow based on geography to help clients comply with standards and industry regulations that vary from region to region, like GDPR.
Global Data Centers
With a growing global footprint of data centers, Tealium can manage data across the world securely and discretely.
Privacy by Design
Tealium is committed to the principles of Privacy by Design. Tealium provides services that make it possible for its clients to create a world where they unify their data to intelligently engage and delight customers while still living by the principle of Privacy by Design.

Tag Management
Tealium iQ Tag Management System does not process any personal data. The static content delivered from Tealium’s mCDN solution, including the domain tiqcdn.com, does not collect or store any visitor data, device identifiers or IP address. This service exists to serve static content files and does not collect or process user-specific data.

Customer Data Hub
Tealium’s Customer Data Hub services may be used to process personal data. Tealium will only process data in the CDH according to the privacy and security commitments stated in this section.
Address a Wide Range of Regulations and Standards
Tealium has extensive experience partnering with customers to assist on compliance efforts for a diverse array of industry regulations.

European Union GDPR
As a GDPR-compliant data processor supplying data to your marketing technology ecosystem, the Tealium Customer Data Hub is an ideal place to manage your 1st party data and consent for GDPR.

Health Information (HIPAA)
Tealium offers a single tenant, private cloud hosting solution with data secured to HIPAA standards but not intended to be a repository of Health Records.

Payment Card Industry (PCI)
Tealium offers a single tenant, private cloud hosting solution with data secured to PCI standards but not intended to be a repository of Cardholder data.

Cloud Security Alliance (CSA)
Tealium partners with clients on CSA compliance needs leveraging the secure AWS infrastructure.

California Consumer Privacy Act
Scheduled for January 1, 2020, CCPA regulates personal information collection and data usage by businesses. Tealium is actively monitoring developments and is committed to addressing CCPA compliance.
Certifications
Tealium has achieved the following 3rd party security and privacy certifications.

SSAE18 SOC 2 Type I & II
3rd party audit shows Tealium’s demonstrable commitment to and practice of security, availability, processing integrity and confidentiality principles.

Privacy Shield
Tealium adheres to the principles of the EU-US and Swiss-US Privacy Shield Frameworks, although we do not rely on these frameworks as a legal basis for transfers of personal data in light of the judgment of the Court of Justice of the EU. To learn more head here.

HIPAA & HITECH
Industry’s first cloud-based customer data and tag management solution to achieve an attestation of compliance with HIPAA security and privacy rules.

ISO/IEC 27001:2013
This standard creates a model for an information security management system and the protection of personally identifiable information (PII).

ISO/IEC 27018:2014
Tealium is also compliant with the ISO 27018 standard, which is an extension to 27001, specifically focused on Public Cloud computing environments.

Veracode Verified
Attestation of Tealium software security backed by Veracode’s industry-leading platform and programmatic approach, 10+ years’ experience, more than 65 trillion lines of code scanned and over 30 million flaws fixed.
Constant Monitoring
Tealium is committed to providing security with ongoing and constant monitoring.

System Status
Tealium continuously monitors our uptime and makes our system status publicly available.

Defense In Depth Approach
Tealium focuses on building a highly available, fault-tolerant platform that protects the privacy and integrity of our customer’s data. Each day, new security vulnerabilities and attack vectors are emerging and Tealium strives to keep ahead of attackers by working with security researchers, industry experts, and our customers. Tealium’s platform is monitored through automated and manual testing, both internally and by 3rd party cyber security organizations.
Resources
Get more information on security and privacy best practices and how Tealium’s Customer Data Hub can help.
Need More Info or Help? Have Questions?
Tealium’s solution consultants are knowledgeable and ready to help you strategize your unified data strategy incorporating mobile, along all other data sources.