CreativeX Trust Centre

Security is a top priority for CreativeX because it’s fundamental to everything we do, our customers and our product.
Our Trust Centre is designed to give you an overview of the controls and measures we have in place to safeguard your data.
Read our ISO27001 Press Release

Governance

  • ISO27001:2022 certification in place.
  • Mature Information Security Management System (ISMS) deployed.
  • Data privacy and protection policies, procedures and templates in place.
  • We are registered with the ICO under the UK Data Protection Act (registration reference ZB684122).
  • EU-U.S. Data Privacy Framework certification in place.

Data Protection

  • Customer data is stored within Amazon AWS (US-East-1, US-East-2 and US-West-2) and DigitalOcean (New York (NYC1 and NYC3) & London (LON1)) data centres.
  • Data is encrypted in transit (TLS1.2 or above) and where appropriate at rest.
  • Customer data is logically segregated.
  • Automated backup procedures are in place.
  • Data retention controls are in place.
  • Business Continuity / Disaster Recovery plans in place.
  • Web. Application Firewall (WAF) and DDoS protection are in place.

Platform Security

  • Single Sign-On (SSO) support.
  • Multi-Factor Authentication (MFA) enforced where Single Sign-On (SSO) is not deployed.
  • Customisable password complexity, password length and idle-timeout settings.
  • Granular Role-Based Access Control (RBAC) access levels.

Application Security / Vulnerability Management

  • Formalized Software Development Lifecycle (SDLC).
  • Annual third party CREST approved penetration testing.
  • Regular Dynamic Application Security Testing (DAST) testing.

People Security

  • All staff receive information security and data privacy training at induction and periodically thereafter (at least annually). Training includes simulated phishing training.
  • Background checks are completed prior to employment. The process differs based on laws, regulations and local practices in different jurisdictions.

Corporate Security

  • Mobile Device Management (MDM) tooling deployed to secure and encrypt endpoints.
  • Endpoint security, behaviour analytics and threat hunting tooling deployed.
  • Data Loss Prevention (DLP) tooling deployed.
HomeCreative QualityResourcesCreative LifecycleCompanyBrand ConsistencyCareersInclusive RepresentationContact
Subscribe to our newsletter
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Join our mailing list
CreativeX © 2024. All rights reserved.
Privacy PolicyTerms of UseSub-ProcessorsTrust CentreSite by Diamond Hook
Close Cookie Popup
Cookie Preferences
By clicking “Accept All”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage and assist in our marketing efforts as outlined in our privacy policy.
Strictly Necessary (Always Active)
Cookies required to enable basic website functionality.
Cookies helping us understand how this website performs, how visitors interact with the site, and whether there may be technical issues.
Cookies used to deliver advertising that is more relevant to you and your interests.
Cookies allowing the website to remember choices you make (such as your user name, language, or the region you are in).
Customize
Save
Decline All
Accept All