Updates · 2 min read

FullStory is now ISO 27701 certified

Chris PowellPosted March 07, 2023

Here at FullStory, protecting the data that you entrust to us is our highest priority. As new countries pass additional data protection and privacy laws, we remain committed to providing best-in-class privacy and security protection for customers around the world. 

We’re excited to announce that we’ve successfully completed our first ISO 27701 certification audit, in addition to our annual ISO 27001 and SOC2 + HITRUST certification audits. 

Successfully passing an ISO 27701 audit was a keystone of FullStory’s Security, Privacy, and Compliance program for 2022, and it, along with our growing list of product privacy features—such as Private by Default and Detections—demonstrates our commitment to our role as the most trusted name in Digital Experience Intelligence. 

While this is a huge milestone, our work isn’t finished. We plan to complete ISO 27017 and ISO 27018 certification audits in the coming year!

What is ISO 27701?

ISO 27701 seeks to provide an international approach to privacy protection as an extension of the ISO 27001 Information Security Standard. It was built to account for emerging data protection laws and regulations such as the EU’s GDPR, South Africa’s POPIA, California’s CPRA, and Brazil’s LGPD. Its primary goal is the protection of Personally Identifiable Information (PII), and it lays out the rigorous controls necessary to do so. 

Looking ahead

This year we’re adding ISO 27017 and ISO 27018, which give guidelines for information security controls for cloud service providers (27017) and guidelines for implementing measures to protect Personally Identifiable Information (PII) in the cloud (27018).

Adding these two certifications to bolster our program is part of our ongoing effort to provide the most trustworthy Digital Experience Intelligence platform in the world.

Learn more about how FullStory prioritizes privacy here.