ISO27018 is a set of controls and guidelines, which specify how to protect Personally Identifiable Information (PII) in public clouds. This is in accordance with the privacy principles in ISO/IEC 29100 for the public cloud computing environment.
The ISO27018 standard, as well as the other standards achieved by Cronofy, serves to demonstrate the fact that we have a world-class Information Security management system.
Annex A of ISO27018 sets out controls and guidelines, created to ensure that PII is protected at all times
Cronofy's implementation of ISO27018, alongside Cronofy’s existing ISO27001, SOC2, GDPR, HIPAA and CCPA compliance provides customers with assurance that PII, data, and information are processed and stored appropriately, prioritising the importance of keeping this data secure at all times.
The ISO27018 standard, as well as the other standards achieved by Cronofy, serves to demonstrate the fact that we have a world-class Information Security management system in place and ensure confidence in the way we handle all your data. Achieving certifications is important - however we don't stop there. Cronofy is constantly evaluating developments and updates to standards, and continually updating policies and processes, to ensure we are as secure, and compliant as possible.
When you use Cronofy, you’re sharing potentially sensitive information with us. It’s our responsibility to make sure that we protect that data, and we take that responsibility very seriously. That’s why information security will always be a first-class concern for us.Whenever we’re building or developing any aspect of our service, Security is a key consideration. We understand that our customers care deeply about the security of data, and it’s something we feel equally strongly about.We want our customers to know that they can trust us to process and handle their calendar and event data – always securely and to the highest standards.
In order to attain this certification, Cronofy’s compliance was audited and validated by an independent audit company, A-LIGN. Throughout the audit, Cronofy demonstrated a comprehensive and thorough approach to mitigating information security risks and the secure management of data.
As part of running an effective information security program - Cronofy is committed to continual improvement in line with ISO27001. Cronofy will be assessed every three years, with audits in between those. This certification helps Cronofy ensure that we are operating, and maintaining our ISMS, PII and are protecting our customers’ data, in line with the standard.
We make sure you keep control of your calendar and that it's private to you and those you'd like to share your availability with. Security is at the core of what we do and we have the best practices to ensure that privacy is never compromised.