Privacy & security.

Inherently secure. Private by design.

Privacy & security

Not just compliant,
but truly secure.

Protecting your data and the integrity of the authentication drives every decision we make.

We ensure all our service providers meet strict data protection standards and have selected a market-leading cloud service that protects data while being transferred, stored and processed.

Built to standards.

Robust information security management

We pride ourselves on having robust information security management and cybersecurity frameworks, with strict checkpoints governing each step of our development lifecycle, internal processes and culture. Daltrey’s frameworks align with:

  • NIST Cybersecurity Framework
  • Encryption at rest and in transit
  • ISO 27001
  • GDPR & CCPA
Best practice standards

Daltrey is at the forefront of developing and improving global standards. We implement best practice standards early, shaping the future of the industry. Areas of focus include:

  • ISO/IEC 19792: Security evaluation of biometrics
  • ISO/IEC 19989: Information security
  • ISO/IEC 24745: Biometric information protection
  • ISO/IEC 27553: Security and privacy requirements for authentication using biometrics on mobile devices
  • ISO/IEC 29003: Identity Proofing
  • ISO/IEC 29115: Entity authentication assurance
  • ISO/IEC 30107: Biometric presentation attack detection
  • ISO/IEC 30136: Performance testing of biometric template protection schemes
  • ISO/AWI 7603: Decentralised Identity

Ultimate trust comes from Zero Trust.

We champion the Zero Trust model. This means we fully encourage and expect you to verify and validate our own trustworthiness.

We use independent third-party auditors to review our systems against the strictest and most-accepted international standards and regulations. We share audit reports wherever possible, so you can review exactly how we’re keeping your data secure.

Zero Trust Model

Our commitment to privacy.

You own your data and we’re fully committed to keeping it private. We are GDPR and CCPA compliant and follow best practices at all times. Our Privacy Policy describes how we handle and protect the information provided when you use our solutions, including:

  • What kind of data we collect and why
  • How we protect this data and how long we retain it
  • Where we keep and transmit your data
  • What happens if the policy changes

Let’s talk security.