Milan, August 4th, 2021

At SupplHi, we take your security seriously. This is why we built our SaaS around the information security and privacy of our customers and achieved ISO/IEC 27001:2013 certification in July 2019 and, a year later, in July 2020, ISO/IEC 27017:2015 certification for the design, development and management of a SaaS platform for the collection and management of Vendor Management information.

We are always keen to achieve more and to exceed the industry standard, especially in light of our motto “We Share Trust”.

Therefore, we are glad to announce that in August 2021 we achieved ISO/IEC 27018:2019 certification by Bureau Veritas, bringing the total number of our ISO 27000-series certifications to three. The new certification for SupplHi comes along with the surveillance audits of our existing ISO/IEC 27001:2013 and ISO/IEC 27017:2015 certifications, following an independent audit by Bureau Veritas.

What is ISO/IEC 27018:2019?

ISO/IEC 27018:2019 is the international standard for protecting personal information in cloud storage. It focuses on the protection of cloud service customers’ Personally Identifiable Information (PII), such as a person’s name, date of birth, IP address and bank details, in the cloud and therefore extends an existing ISO 27001 control framework with privacy-specific requirements. This practical framework for managing data protection and information security risks, implemented in conjunction with ISO 27001, also gives a solid foundation for GDPR compliance.

In what does SupplHi excel?

According to the independent auditor, SupplHi demonstrates the following strengths:

  • strong passion for and awareness of information security and privacy elements among the operational resources;
  • excellent management of Clients’ requests with primary and sophisticated Clients;
  • excellent technology at the base of the platform, which is built with the newest and most scalable and resilient technologies;
  • good documentation management of the requirements (including those additional to the minimum ones) of both ISO 27017 and 27018, which shows a careful customization to SupplHi’s real-life SaaS processes.

What is in it for my Company?

We achieved ISO 27001 in July 2019, which ensures that we have established methodologies and a framework for business and IT processes to help identify, manage, and reduce risks to the security of information.

In 2020, we doubled our ISO certifications by obtaining ISO 27017, a widely recognized international standard covering information security controls for cloud services, which is highly relevant for our customers.

As part of our continuous commitment to provide you with the most secure Vendor Management SaaS, by obtaining ISO 27018 we wanted to further improve how we align our internal practices and procedures on managing PII, allowing you to have more control over it while guaranteeing greater transparency on how we use it, in accordance with the highest standards of our industry.

Our certified compliance with the standards of ISO/IEC 27018 not only demonstrates that our privacy policies and procedures are robust and in line with industry standards but also allows you to satisfy your own legal obligations (see GDPR Art. 28 sec. 1) on assuring the capabilities of your Vendor Management SaaS provider by verifying its certificates’ scope and validity.

Download SupplHi’s ISO certificates:

ISO 27001

ISO 27017

ISO 27018

You can visit Bureau Veritas’ platform to verify our certifications’ scope and validity: Certificate Search | Bureau Veritas Italia