Turtl is ISO27001 certified and is registered as a Data Controller with the ICO with reference number ZA086894.
Policies are reviewed at least annually in line with our ISO27001 certification. Policies are also updated as part of any changes to infrastructure or controls, and all changes must be communicated immediately to all members of staff.
All employees and contractors are subject to full background checks and sign comprehensive confidentially agreements and NDAs. Security and Data Protection Act training is provided for all members of the Engineering and Operations Teams.
No application customer data is permitted on employee workstations or removable media. All employee workstations and removable media are encrypted and wiped according to best practices before recirculation.