TRUST CENTER · SECURITY & COMPLIANCE

Security that stands up to your RFP.

OmniSegment is developed and operated under an ISO/IEC 27001:2022 and ISO/IEC 27018:2019 certified information security management system, independently audited by TÜV NORD, with AES-256 encryption at rest and in transit. This page carries the certificate numbers, scope and validity your security review needs.

ISO/IEC 27001:2022INFORMATION SECURITY
ISO/IEC 27018:2019CLOUD PII PROTECTION
AES-256AT REST & IN TRANSIT
01CERTIFICATIONS

Audited, numbered, verifiable.

Both certifications are issued by TÜV NORD after independent audit, and cover the OmniSegment platform together with its research, development and cloud operations.

ISO/IEC 27001:2022

Information Security Management System

The international standard for how an organisation manages information security end to end: risk assessment, access control, incident response, business continuity and continuous audit.

Certificate numberISMS229
Issuing bodyTÜV NORD
Valid until27 January 2028
ScopeOmniSegment platform · R&D · cloud operations
ISO/IEC 27018:2019

Protection of Personal Data in Public Clouds

The cloud-privacy extension of ISO 27001: controls specifically for protecting personally identifiable information (PII) processed in cloud environments, exactly what a CDP handles every day.

Certificate numberISMS229-018-003
Issuing bodyTÜV NORD
Valid until27 January 2028
ScopeOmniSegment platform · R&D · cloud operations
Who holds the certificates: beBit Technology Inc., the beBit TECH product company behind OmniSegment. The certified management system governs how the platform every client runs on is built and operated.
02IN PRACTICE

What the certification means for your data.

A certified system, not a checkbox

ISO 27001 certifies the management system itself: risks are assessed, controls are enforced, incidents have playbooks, and an external auditor verifies it on a recurring cycle.

Encrypted at rest and in transit

Customer data in OmniSegment is protected with AES-256 encryption both where it is stored and while it moves between systems.

PII controls built for the cloud

ISO 27018 adds controls specific to personal data in cloud services: consent-bound processing, transparency about where data lives, and strict rules on disclosure.

03DATA PROTECTION

Built for the region's privacy laws.

Designed to support your obligations, market by market.

OmniSegment works with first-party data your customers share with your brand, unified under your account. As your data processor, we support the obligations you carry as the data controller: consent-based processing, purpose limitation, and your customers' rights over their own records.

The platform is designed to support compliance with the data-protection laws of the markets we serve, and our team works within your governance requirements from day one.

Malaysia & Singapore · PDPAPersonal Data Protection Act frameworks in both markets.
Indonesia · PDP LawLaw No. 27/2022 on Personal Data Protection.
European Union · GDPRFor brands whose audiences reach into the EU.
On engagement: contract-stage items such as the data processing agreement, named security contacts and any market-specific registrations are put in place with your team during contracting and onboarding, aligned to your legal and procurement requirements.

Running a security review?

Point your RFP or vendor-assessment team at this page, and reach out for supporting documentation. We are used to enterprise procurement and respond with specifics, not marketing.

Request security documentation
Enterprise-grade information security. OmniSegment is developed and operated under an ISO/IEC 27001:2022 and ISO/IEC 27018:2019 certified information security management system, with AES-256 encryption at rest and in transit.
ISO/IEC 27001ISMS · TO 2028
ISO/IEC 27018CLOUD PII
AES-256ENCRYPTION