Along with recertification of both ISO/IEC 27001 and ISO/IEC 27017, Droit offers enhanced levels of confidence in cloud security
LONDON, Aug. 20, 2025 /PRNewswire/ -- Droit, a technology firm at the forefront of computational law and regulation, announces the achievement of ISO/IEC 27018:2019, the gold-standard certification for the protection of personally identifiable information (PII) in public clouds.
Data privacy regulations continue to expand across jurisdictions and are a key compliance requirement for any cloud service provider (CSP). The ISO/IEC 27018 standard assures clients that Droit, as a CSP and PII processor, has implemented best practice controls and guidelines to protect personal data in all public clouds.
This builds on Droit's previous ISO cloud security certifications achieved in 2024, ISO/IEC 27001:2022 and ISO/IEC 27017:2015, which provide security assurance to Droit's clients as they navigate cloud migrations. Droit has also been recertified for both ISO/IEC 27001:2022 and ISO/IEC 27017:2015, in its latest audit.
Today, Droit's trio of cloud and security certifications offers financial institutions enhanced levels of confidence that their personal data and cloud services are secure and provides internationally recognized assurance for their compliance efforts.
In addition, the ISO/IEC 27018 standard aligns with Europe's General Data Protection Regulation (GDPR), which regulates how organizations handle personal data of individuals within the EU, thereby meeting the EU GDPR requirements related to PII.
Kaveh Moravej, Head of Information Security at Droit, said, "ISO 27018 is the world's best-known privacy standard for the cloud and is a natural evolution from our ISO/IEC 27001 and ISO/IEC 27017 certifications. To successfully achieve ISO 27018, we augmented our existing security and privacy programs. This included working across the business on new protocols and raising awareness to ensure all the requirements of the standard were met. We are now able to more easily address existing and future, ever-changing global data privacy regulations and give our clients the confidence that we are fully aligned with their data privacy needs."
Peter Bals, Chief Technology Officer at Droit, said, "Droit's ISO certifications underscore our commitment to the safeguarding of both cloud security and data privacy to build trust with the global financial institutions we serve. Achieving ISO 27018 provides independent validation of our focus on security and cements our position as a major cloud services provider. These best practice controls are integral to supporting clients on their cloud journeys."
Droit was audited by an external, independent, and accredited team as part of the ISO certification process.
About Droit
Droit is a technology firm at the forefront of computational law and regulation within finance and other domains. Founded in 2012, Droit counts many of the largest financial institutions as its clients. Its award-winning, patented platform Adept provides an implementation of regulatory rules reflecting industry consensus. The Adept platform processes tens of millions of inquiries a day, deciding in real-time which interactions are legally permissible across the globe. Adept is used by institutions to evaluate, with sub-millisecond latency, the full regulatory implications of any given interaction within their transactional infrastructure.
For more information visit droit.tech. To obtain more information about Droit's products, please contact sales@droit.tech.
View original content:https://www.prnewswire.co.uk/news-releases/droit-achieves-isoiec-270182019-certification-for-personal-data-protection-in-public-clouds-302533785.html
