Certificate No. 01 153 1900222

Certificate Number: 01 153 1900222
Certificate Holder: Contentful GmbH

Max-Urich-Str. 3
13355 Berlin

The scope of the ISMS covers all processes, procedures and activities which are necessary for the provision and the operation of the content management infrastructure and related services. This includes the following core functions and its supporting functions and assets:- Web application- Content Management- Content Preview- Content DeliveryStatement of Applicability (SoA):Version 3.0 from 25.05.2020

Der Anwendungsbereich des ISMS umfasst alle Prozesse, Verfahren und Tätigkeiten, die für die Bereitstellung und den Betrieb einer Content Management Infrastruktur und der damit verbundenen Dienste erforderlich sind. Dazu gehören die folgenden Kernfunktionen und deren unterstützende Funktionen und Prozesse:- Webanwendung- Content Management- Content Vorschau- Content AuslieferungStatement of Applicability (SoA):Version 2.0 from 07.03.2019

Certificate Type: ISO/IEC 27001

Standard for Information Security Management Systems

ISO/IEC 27001 is a voluntary, international standard for the evaluation and certification of the management of information security processes within companies, issued by ISO, the International Organization for Standardization.

In addition to information technology, ISO/IEC 27001 particularly considers the relevant business processes. It not only describes the demands made on the organization and the technical systems, but also the suitable activities for permanently sustaining the security level determined on the basis of the risk assessment.

Certification is relevant to all organizations that work with confidential data that they want to protect.

The information security management system showing the TÜV Rheinland mark is audited and certified by TÜV Rheinland.

Expert auditors analyze and evaluate the customers' organization. If all necessary requirements are fulfilled the organization is certified according to ISO 27001. The information security management system of the organization is subject to periodic surveillance.

Certified organizations may use the test mark in their communications.

More information on this service: