At Tartan, our products are built with privacy and security at its core. We are at the forefront of security and follow the industry best practices to ensure user data is fully encrypted. We believe that regulation is an asset, not a barrier. That is why we are pleased to announce that we have achieved ISO 27701, ISO 27001 certifications. These certifications are a statement of our commitment towards maintaining and achieving the highest levels of security standards. ISO27001 and ISO27701 are internationally recognized standards. Our systems and processes went through many rounds of evaluation by 3rd party auditors over the course of the last several months to be able to receive these certifications.

The International Organization for Standardization (ISO) is an international standard development organization composed of representatives from the national standards organizations of member countries.

Founded on 23 February 1947, the organization develops and publishes technical, industrial and commercial standards. It is headquartered in Geneva, Switzerland, and works in 165 countries.

The ISO27001 and ISO 27701 will be familiar to compliance, security and privacy experts who oversee digital tools across a variety of industries, but we’ve provided further context below for those less familiar. While we’re proud to have attained these certifications, we will continue to evolve our practices to accommodate change and growth of our business and the broader fintech ecosystem.

What is ISO 27001 & ISO 27701 certification?

ISO/IEC 27001 is an international standard on how to manage information security. The standard was originally published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) in 2005and then revised in 2013. It details requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS) – the aim of which is to help organizations make the information assets they hold more secure.

ISO/IEC 27701 is an international privacy standard that extends the requirements of ISO/IEC 27001 and enhances the existing Information Security Management System (ISMS) with additional requirements in order to establish, implement, maintain, and continually improve a Privacy Information Management System (PIMS). The standard outlines a framework for Personally Identifiable Information (PII) Controllers and PII Processors to manage privacy controls to reduce the risk to the privacy rights of individuals.

These certifications are Tartan's latest milestones toward our continuous commitment to data privacy and security. We strongly believe that security and privacy are fundamental to us that will help companies evaluate Tartan's policies and practices to streamline their compliance processes. We have ironclad security measures as our team is composed of experts dedicated to complying with the highest levels of privacy and security standards. We strive toward our mission of unlocking financial freedom for everyone.