Open Menu

Security

ISO 27001

ISO/IEC 27001:2022 ISO/IEC 27017 ISO/IEC 27018

At Dedupely, we are committed to safeguarding the security of our clients' data and systems. We have achieved ISO/IEC 27001:2022 certification, a globally recognised standard for information security management. This certification reflects our dedication to maintaining the highest level of security and compliance.

ISO/IEC 27001:2022 is the latest revision of the ISO 27001 international standard that specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS). It provides a systematic approach to managing sensitive company and customer information, ensuring it remains secure.

We have also been awarded ISO 27017 and ISO 27018, two compliments of the ISO 27001 standard that focus on cloud security and privacy protection.

Our ISO certificate is availible upon request by emailing us at help@dedupe.ly

Data Locations

Our app infrastructure is securely hosted on leading platforms like Google Cloud Platform (GCP) and Amazon Web Services (AWS) within U.S. regions. This ensures that your information is protected by industry-leading security measures, providing you with reliable and trustworthy service. Apart from ISO 27001, our use of these platforms abide closely to NIST, CISA, PCI and other security standards to ensure that your data is secure and protected at all times.

Privacy & Security by Design

We prioritize the security and privacy of your data from the ground up. Our platform is built with Security and Privacy by Design principles, ensuring robust data protection measures are integrated into every aspect of our system. From secure data storage and encrypted communications to strict access controls and regular security audits, we are committed to safeguarding your information. Your privacy is our top priority, and we continuously work to exceed industry standards, giving you peace of mind while using our services.

External Security Audits

We conduct regular security audits and assessments to ensure that our platform meets the highest security standards. Our team works with leading security experts to identify potential vulnerabilities and address them promptly. By conducting external security audits, we can identify and mitigate risks proactively, ensuring that your data remains secure at all times.

We also conduct regular penetration testing to identify potential security weaknesses and address them before they can be exploited. By conducting penetration testing, we can identify and address vulnerabilities that could pose a risk to your data, ensuring that your information remains secure.

Astra Pentest Certificate

Dedupely has been audited by Astra Security and has passed their panel of penetration testing experts. You can view our certificate here:

Astra Pentest Badge

Subprocessors & Third Party Apps

We work with third-party apps, integrations and services that are GDPR compliant, hold IT security certifications and have a well established reputation in the industry.

Dedupely sends a newsletter when a there is a change or addition of subprocessors that handles personal data of our customers’ data.

You can see our list of subprocessors here.

Zero Trust

We adhere to a Zero Trust security model, which means we don't automatically trust any entity inside or outside our network. Instead, we verify every request as though it originates from an open network. This approach ensures that all users and devices must be authenticated, authorized, and continuously validated before accessing resources. By implementing Zero Trust, we enhance the protection of your data, ensuring robust security and minimizing risks at every level.

Team Security

Our team is well-trained in daily privacy practices, GDPR compliance, IT security, and data privacy standards. We ensure that all team members use pre-approved software, which keeps all data secure, controlled, and encrypted, safeguarding your information at every level.

Vulnerability Disclosure

We are committed to transparency and compliance with legal obligations regarding data breaches and security issues. In the event of a breach, we promptly investigate and notify affected customers within one business day via email, ensuring that you are informed and protected.

More Information

If you want to learn more about our security procedures or have a question please email us.