Q: Is SmartSpace.ai certified to any recognised information security standards (such as ISO 27001) or an approved code of conduct?

A: We are not currently certified to any recognized information security standards such as ISO 27001 or an approved code of conduct. However, we have a comprehensive data protection policy in place that outlines our commitment to protecting personal data and our compliance with data protection laws and regulations. We also have a breach notification policy that establishes the requirements and procedures for reporting a breach of sensitive information, in compliance with various regulations including NZ Privacy Act (2020), GDPR, HIPAA, and CCPA. Furthermore, we conduct an annual review of our privacy policy to ensure that personal information is used in conformity with the purposes identified in the privacy notice.

We are actively working towards achieving ISO27001 and SOC2 accreditations using the SaaS compliance platform Drata. Our current progress stands at 25% for ISO27001 and 19% for SOC2. These certifications will further strengthen our commitment to data protection and compliance with international information security standards.