We have achieved ISO 27701 certification, the internationally recognized standard for privacy information management.
ISO 27701 builds on ISO 27001 and defines how organizations manage personal data through a structured, risk-based Privacy Information Management System (PIMS).
The certification confirms that privacy-related responsibilities, controls, and processes across the organization supporting Data Privacy Manager are clearly defined, implemented, and governed.
This includes documented policies and procedures for handling personal data, defined roles and responsibilities, and ongoing oversight to ensure privacy requirements are consistently addressed and improved over time.
Achieving ISO 27701 certification reflects a deliberate and sustained effort to manage personal data responsibly, transparently, and in line with globally accepted privacy best practices.
What this means for our customers
For organizations using Data Privacy Manager, ISO 27701 certification provides assurance that:
- Personal data is managed through documented, consistently applied privacy policies and procedures
- Privacy risks related to the service are systematically identified, assessed, and addressed
- Roles and responsibilities for personal data processing are clearly defined and enforced
- Privacy controls are aligned with applicable data protection requirements and subject to regular review
- Privacy management practices are independently assessed as part of an accredited certification process
This certification supports customers in meeting their own privacy governance, compliance, and accountability requirements when working with Data Privacy Manager.
Leadership insight
“ISO 27701 certification confirms that privacy management is treated as a core organizational responsibility. It reflects our commitment to handling personal data in a structured, transparent, and accountable way as we continue to support our customers.”
— Marijan Bračić, CEO, Legit
Scope and verification
ISO 27701 certification applies to the organizational processes, systems, and operations that support Data Privacy Manager and involve the processing of personal data.
The certificate can be independently verified through SGS.