At Truecaller we have an unwavering emphasis on being at the forefront of data security. This is evidenced by the ongoing development of our data management processes to ensure that they are both robust and effective. Our agile organizational structure promotes this development and allows us to quickly adapt to new changes in the area of information security.
As a globally recognized platform for verification of contacts and blocking of unwanted calls, we have a major responsibility when handling user data. Our service is built on trust – trust that we maintain by implementing comprehensive security measures to protect all user data that we are entrusted with processing. These measures are designed to protect the data from unauthorized access, use, dissemination and destruction.
https://www.truecaller.com/information-security-policy-statement
At Truecaller we take cybersecurity very seriously and make every effort to protect our company’s assets, employees and user data, while also constantly being at the forefront of leveraging new technology. Our comprehensive cybersecurity program guarantees that our systems and data are protected. Our security measures rely on several levels of security – from advanced firewalls, infringement prevention systems, fundamental security principles and encryption methods, as well as rigorous authentication processes. We also constantly monitor our network, applications, systems and user interfaces.
Our security management involves the use of a comprehensive information security management system (ISMS) to ensure that we are focused on and prioritizing our efforts where it counts.
Our ISMS is based on a set of principles and best practices, which are constantly reviewed and updated to align with industry standards such as ISO 27001, NIST Cybersecurity Framework and SANS CITS Critical Security Controls.
The ISMS system is designed to identify, evaluate and prevent potential risks, while our management structure is responsible for overseeing the systems and ensuring that they are aligned with applicable standards, regulations, privacy provisions and customer expectations.
Truecaller is obliged to comply with many regulations regarding data security in the markets where we have a presence. We must also carefully monitor developments in data protection in these markets to ensure that we can be proactive in introducing best practices and be ready to follow them. We allocate substantial resources in order to take the steps necessary to ensure compliance. The Privacy Center on our website, truecaller.com/privacy/ privacy-center, is kept updated and we have a robust framework of policies:
• Data Breach Response Policy
• IT Security Training Policy
• Access Control Policy and Access Management Policy
• Encryption Policy
• Information Security Policy
• Group Data Governance Policy
• Data Storage Policy
Truecaller believes that a clear management structure for personal privacy and data protection provides a solid foundation for an open and trusting relationship with our users and a culture within Truecaller that is distinguished by integrity. To ensure continuous compliance with applicable laws, Truecaller has created its own governance model. Truecaller’s model includes a dedicated data protection unit with specific areas of responsibility and assignments to manage the implementation and maintenance of the compliance program for integrity and data protection within the organization.
To firmly establish the management structure, Truecaller appointed “Privacy Champions” within each team to develop protection measures, support the compliance program and ensure that all departments and units take responsibility for protecting personal data.
These Privacy Champions offer support, for example to maintain processing activity logs and personal data assistance.
See in-depth descriptions and comments in our ESG Reports and Disclosures section and our privacy centre webpage .
Truecaller has successfully attained three ISO certifications:
These certifications mark a significant milestone in Truecaller's commitment to the highest global standards of security, resilience, and quality in its operations.
ISO 27001 (Information Security Management) :
This certification assures that Truecaller has implemented rigorous security measures to protect sensitive data, solidifying the company's position as a trusted platform for over 420 million active users. It strengthens our information security posture and it shows that we are fully committed to protecting the data of our users and partners. In a time where security threats are evolving rapidly, this certification demonstrates that Truecaller stays ahead of the curve.
ISO 9001 (Quality Management System) :
This certification highlights Truecaller's commitment to consistently providing high-quality services and products, meeting both user expectations and enterprise client requirements.
ISO 22301 (Business Continuity Management) :
This certification underscores Truecaller's ability to maintain seamless service delivery even during unforeseen disruptions, ensuring uninterrupted operations for its users and business clients.
It's a comprehensive framework that further boosts trust and reliability for our users and partners. We have always undertaken information security as a key enabler for customer trust and satisfaction.