LYNQ is proud to announce that we have met the requirements of ISO 27018 : 2020 to protect Personally Identifiable Data. This standard extends the ISO 27001 : 2013 certification gained in June 2022.
LYNQ recognises that personally identifiable information (referred to as PII) must be dealt with properly, however it is collected, recorded and used. Whether on paper, in a computer, or recorded on other materials and there are safeguards to ensure this is within the EU General Data Protection Regulation and Data Protection Act 2019.
Who is ISO?
The International Organisation for Standardisation (ISO) is an international, non-governmental organisation (NGO) with over 150 standards members. These members are all connoisseurs in their field who share their expertise and develop voluntary, consensus-based, market-relevant international standards that support innovation and provide solutions to global issues.
More about ISO 27018 : 2020
ISO 27018 is the first international standard created specifically for personal privacy in cloud computing. Its main objective, according to the ISO, is to establish “commonly accepted control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII)”.
Personally Identifiable Information (PII) is a term concerning personal information security environments. PII is information that can be used by companies on its own or with other information to detect, contact, or locate a single person, or to identify a person.
PII is any data that can be used to clearly identify an individual. Some examples that have always been considered personally identifiable information include:
- Social Security or National Insurance number
- Postal mailing address
- Physical address
- Email address
- Phone numbers
- Financial card or account details
- Medical history etc…
As technology has advanced, the range of PII details has grown, it now also includes data such as:
- IP addresses
- Login ID details
- Social media posts
- Digital images
- Behavioural data
What does ISO 27018 certification mean for LYNQ?
“We regard the lawful and correct treatment of PII as very important to successful operations, and to maintaining confidence between those with whom we deal with. We ensure that our organisation treats personal information lawfully and correctly. Our PII Policy is used in conjunction with the organisation’s ISO 27001:2013 certified Information Security Management System.
Through gaining this additional ISO security certification, we verify our support and commitment to achieving compliance with applicable PII protection legislation and/or regulations. Whether as a controller or processor of PII, we are confident the contractual obligations between our organisation, its customers, partners, subcontractors and all other applicable third parties are met.”
Sarah Paradise-Brown, LYNQ COO