Trust is the basis of all digital collaboration – and that’s precisely why we at Voicepoint consistently invest in the highest standards of information security.
Voicepoint is already certified according to ISO 27001 and ISO 27701. At the end of December 2025, we reached another important milestone: Voicepoint was successfully audited for the ISO 27018 extension.
With this certification, we reaffirm our commitment to keeping the Voicepoint Cloud as secure as possible, particularly with regard to the protection of personal information (PII).
ISO 27018 – an additional security standard specifically for cloud services
ISO 27018 complements the ISO 27001 standard and is specifically designed for cloud environments. The focus is on ensuring that cloud providers process personal data in a transparent, responsible manner and according to clear rules.
For our customers, this means that our processes and controls go one step further – ensuring that personal data remains protected at all times, even in the cloud.
What does ISO 27018 specifically include?
ISO 27018 defines additional requirements for cloud providers. These include, among others:
- Personal data may only be processed in accordance with our customers’ specifications.
- Tools must be available to help end users access, modify, delete, or correct their data.
- Processes for the return, transmission, destruction and transfer of personal data must be clearly defined.
- The disclosure of data to authorities is only permitted when legally required – and our customers are informed whenever legally possible.
- Personal data may not be used for your own purposes.
- The use of personal data for marketing or advertising purposes requires the express consent of the customer.
- Cloud providers must disclose in which countries personal data is processed.
- In the event of security incidents, there are clear rules regarding reporting obligations, including the information that customers need to fulfill their own obligations.
- The timing, nature, and consequences of an incident must be documented – as well as the timeframe within which the notification must be made.
Another step toward greater trust
For us, ISO 27018 certification is not just a formal standard – it is an expression of our commitment to providing our customers with an environment in which information security and data protection are always the highest priority.
Do you have any questions about the certification, or would you like to learn more about what ISO 27018 means for your use of the Voicepoint Cloud?
Feel free to contact us, our team is happy to assist you.