Privacy

As a global leader in privacy and data protection, our goal is to make our practices as transparent as possible and to give you control over your data. Privacy is at the core of what we do, which is why we are at the forefront of driving and adopting industry standards and best practices.

Security

Security is embedded throughout our organization, from our products to the people. We’ve put the controls and processes in place to safeguard your data, taking a risk-based approach and making continuous improvement a mandate.

Compliance

Our in-house Integrated Management System (IMS) Team uses OneTrust tools to operationalize privacy, security and third-party risk management. Compliance is a company imperative as we continually undergo independent third-party audits to validate our commitments.

Reliability

Deployed in the cloud or on-premises, our platform is designed to deliver stable solutions so our customers can scale with confidence. OneTrust’s SOC 2 report provides assurance that our team has designed an effective system of security, availability and confidentiality controls.

Certifications


ISO 27001 Certification

ISO 27701 Certification

SOC 2 Type II

Options for EU Customers In Light of "Schrems II" Decision


On July 16, 2020 the Court of Justice of the European Union invalidated EU-US Privacy Shield as a data transfer mechanism between the EU and US, and also cast added uncertainty on the use of Standard Contractual Clauses (SCC) as part of the “Schrems II” decision. OneTrust is dedicated to offering our customers flexible options that meet their unique business needs along with their interpretation of how the decision impacts SCCs. OneTrust is offering the following options to our customers, all fully available today:

FULLY EU CONTAINERIZED SOLUTION: ON-PREM / PRIVATE CLOUD

Customers can choose to host OneTrust fully on-premises in their data center or in a private cloud, local to a country of their choice and fully containerized in the EU and under their control. The OneTrust platform is engineered on a single codebase with the ability to be hosted on-premises where required, so customers will not experience any diminished features or functionality.

FULLY EU CONTAINERIZED SOLUTION: MULTI-TENANT SaaS

OneTrust offers a SaaS solution hosted in a German data center operated by T-Systems German entity. This solution has already been available to OneTrust customers for multiple years, and is governed by a Trustee agreement to provide the controls for EU containerization. You can view the Trustee agreement here and learn more at the myOneTrust link below.

GLOBAL SCC BASED SOLUTION: MULTI-TENANT SaaS

Customers can leverage a multi-tenant SaaS instance of OneTrust, choosing from any of our 10 data centers and continuing to rely on Standard Contractual Clauses (SCC). OneTrust limits data transfers strictly to provide 24/7 resilience and security monitoring, and customers will have the option to migrate to modernized SCCs when the EU makes them available. 

Going Cloud? Choose From 10 Global Data Centers


AUSTRALIA | BRAZIL | CANADA | FRANCE | GERMANY | INDIA | UNITED KINGDOM | UNITED STATES | SINGAPORE | SWITZERLAND

Data Centers

*Cloud hosting provided by Microsoft Azure

Want to learn more about our compliance program or how we can help with yours?

Contact Us Request a Demo
Onetrust All Rights Reserved