We take privacy, security and compliance extremely seriously.
To keep your information safe, we scramble it with high-level, 256-bit encryption, and then store it in such a way that, in the unlikely event of a system breach, no one would be able to identify you as an individual.
Every year, we submit our company to scrutiny by accredited external auditors, under several internationally recognised schemes. These include:
We are ISO27001 certified, which means an independent auditor has inspected our operations and confirmed that we follow a strict set of security guidelines. In 2019 Yoti became the first age verification provider to be certified under the ‘AV Certificate’ scheme by the UK Government’s then Age-Verification Regulator. This scheme ensured age-verification providers maintained high standards of privacy and data security.
- Since 2018 we have undergone an annual SOC 2 examination on our technical and organisational security controls by one of the top four auditing companies. The SOC 2 standard is an internationally recognised security standard.
- In May 2020, we commissioned an independent assessment which confirmed that Yoti means the USA’s legal requirements for privacy and security when storing health data (known as ‘HIPAA’, the Health Insurance Portability and Accountability Act of 1996).