Protecting Your Customer Data
Tealium gives you the tools, infrastructure, and practices to be confident your data is protected by the most stringent requirements.
From the beginning, data security and customer privacy have been at the forefront of our development strategy. In addition to building tools to safeguard your data at a foundational level, Tealium provides the infrastructure and data management practices to supply customers with unparalleled data security.
Data Security and Privacy Tools
Tealium provides a wide array of tools, product features, and complementary services to ensure customer privacy and a secure data foundation.
Whether you have a Consent Management Platform or not, Tealium’s flexible consent capture, enforcement, and integration tools, help you protect your users’ privacy, honor their consent preferences, and reduce the risk of regulatory violations and fines. Tealium’s consent enforcement framework detects any opt-out cookie and the Global Privacy Control (GPC) signal to further improve data volume and quality.
We enable encryption of data both at rest and in transit. Tealium encryption policy requires the use of common, well-understood ciphers.
Restricted Data Flags
Control the flow of data at a foundational level with tools supplying visibility over data flow and the capability to restrict the distribution of identified information.
For organizations that need to comply with the privacy and security rules under regulations like HIPAA. Single tenant solutions are offered with extended data security to comply with these standards, however, private cloud is not intended to be a repository of Health Records.
Tealium operates at extremely large scale and with very big data sets. We have developed a hardened data storage solution that ensures that data is always available and, in the rare case data needs to be recovered, can be recovered from an online backup quickly.
Data Privacy and Usage
Your data and your customer’s data are not accessed or used without explicit permission. You’re in the driver’s seat when it comes to defining how your data is processed. Tealium will only process your data according to your instructions.
Your data is yours. Data is retained and available to you for the full time period agreed by you. This time period can be adjusted based on your needs.
Tealium supplies tools to manage data flow based on geography to help clients comply with standards and industry regulations that vary from region to region, like GDPR.
Global Data Centers
With a growing global footprint of data centers, Tealium can manage data across the world securely and discretely.
Privacy by Design
Tealium is committed to the principles of Privacy by Design. Tealium provides services that make it possible for its clients to create a world where they unify their data to intelligently engage and delight customers while still living by the principle of Privacy by Design.
Tealium iQ Tag Management System does not process any personal data. The static content delivered from Tealium’s mCDN solution, including the domain tiqcdn.com, does not collect or store any visitor data, device identifiers or IP address. This service exists to serve static content files and does not collect or process user-specific data.
Customer Data Hub
Tealium’s Customer Data Hub services may be used to process personal data. Tealium will only process data in the CDH according to the privacy and security commitments stated in this section.
Address a Wide Range of Regulations and Standards
Tealium has extensive experience partnering with customers to assist on compliance efforts for a diverse array of industry regulations.
European Union GDPR
As a GDPR-compliant data processor supplying data to your marketing technology ecosystem, the Tealium Customer Data Hub is an ideal place to manage your 1st party data and consent for GDPR.
Health Information (HIPAA)
Tealium offers a single-tenant and multi-tenant private cloud hosting solution with data secured to HIPAA standards, but not intended to be a repository of Health Records.
Cloud Security Alliance (CSA)
Tealium partners with clients on CSA compliance needs leveraging the secure AWS infrastructure.
California Consumer Privacy Act
CCPA protects the personal information of Californians and gives consumers the right to control if and how companies collect, use, and store their personal data. Get the full overview on what you should know about CCPA and how Tealium can help here.
Tealium has achieved the following 3rd party security and privacy certifications.
SSAE18 SOC2 Type II
3rd party audit shows Tealium’s demonstrable commitment to and practice of security, availability, processing integrity and confidentiality principles.
HIPAA & HITECH
Industry’s first cloud-based customer data and tag management solution to achieve an attestation of compliance with HIPAA security and privacy rules.
This standard creates a model for an information security management system and the protection of personally identifiable information (PII).
This standard provides guidance on the protection of privacy, including how organizations should manage personal information, and assists in demonstrating compliance with privacy regulations around the world.
Tealium is also compliant with the ISO 27018 standard, which is an extension to 27001, specifically focused on Public Cloud computing environments.
The ENX Association supports with TISAX (Trusted Information Security Assessment Exchange) on behalf of VDA the common acceptance of Information Security Assessments in the automotive industry. The TISAX Assessments are conducted by audit providers that demonstrate their qualification at regular intervals. TISAX and TISAX results are not intended for general public.
For Tealium, the confidentiality, availability and integrity of information has great value. We have taken extensive measures on protection of sensitive information. Therefore, we follow the question catalogue of information security of the German Association of the Automotive Industry (VDA ISA). The Assessment was conducted by an audit provider, in this case the TISAX audit provider TUV. The result is exclusively retrievable over the ENX portal: https://portal.enx.com/en-US/TISAX/tisaxassessmentresults.
Tealium is committed to providing security with ongoing and constant monitoring.
Defense In Depth Approach
Tealium focuses on building a highly available, fault-tolerant platform that protects the privacy and integrity of our customer’s data. Each day, new security vulnerabilities and attack vectors are emerging and Tealium strives to keep ahead of attackers by working with security researchers, industry experts, and our customers. Tealium’s platform is monitored through automated and manual testing, both internally and by 3rd party cyber security organizations.
Get more information on security and privacy best practices and how Tealium’s Customer Data Hub can help.
Need More Info or Help? Have Questions?
Tealium’s solution consultants are knowledgeable and ready to help you strategize your unified data strategy incorporating mobile, along all other data sources.