Talkative makes digital customer contact software, so our customers trust us with their data and their conversations. This Trust Centre explains how we protect that data, the standards we hold ourselves to, and how to get the documents your security team needs.
What you'll find here
- Compliance and certifications: our ISO/IEC 27001:2022 certification, how the ISMS is run, and where the platform is hosted.
- Platform security: encryption, network security, logging and monitoring, availability and backups, and vulnerability management.
- Organisational security: access control, our people and training, secure development, vendor management, and asset management.
- Data protection: data handling and retention, privacy and UK GDPR, data hosting and residency, how we use AI, incident response, and responsible disclosure.
- Document requests: how to get our policies, Statement of Applicability, and penetration test reports under NDA.
The short version
- Certified to ISO/IEC 27001:2022 by Johanson Group LLP, an IAS-accredited certification body.
- Customer data is encrypted in transit and at rest, on infrastructure hosted with AWS.
- Access follows least privilege with multi-factor authentication, and we review it regularly.
- Independent penetration tests run at least once a year.
- We act as a data processor under the UK GDPR and the Data Protection Act 2018, and we have appointed a Data Protection Officer.
Need something specific?
Many documents are available on request, and some under NDA. See the "Request documentation under NDA" article, or email trust@gettalkative.com.