Infosistema is certified to ISO/IEC 27001 (information security) and ISO 9001 (quality management). Both certifications cover the design, development, operation, and support of every Infosistema product. Below — the certifications themselves, the operating principles that back them, and how to request a certificate copy for procurement.
Audited annually by independent certification bodies. Certificate copies and full scope statements available on request — email privacy@infosistema.com.
Information Security Management
Quality Management
The certifications above describe an audit. These are the four operating principles that make the audit pass every year.
Each product is designed so customer data lives in tenant-scoped storage. We do not use Customer Data to train models or for any purpose outside service delivery.
EU customers stay in EU regions (europe-west1); US customers stay in US regions (us-central1). Region pinning is contractual, not best-effort.
No standing admin credentials in production. Privileged access is per-environment, audited, and expires.
Runbooks for credential rotation, breach notification (72 hours per GDPR), and post-incident review live in the same repo as the code they protect.
Procurement teams and security reviewers can request ISO certificate copies, scope statements, and Infosistema’s standard Data Processing Agreement (DPA). For privacy enquiries see the Privacy Policy.
