Security, Confidentiality, Integrity and Availability of Systems and Data

SOC 2 – Type 2
SOC 2 – Type 2
To add to our commitment to information security and governance through ISO 27001, Calligo has also achieved compliancy with a SOC 2 Type 2 Report. Our Type 2 Report confirms independent assurance of the effectiveness of our data security and availability controls over a prolonged period of time, covering the operational effectiveness of Calligo’s service commitments and IT system requirements in the UK, Channel Islands, Ireland, Canada and the US.
ISO 27001:2022
ISO 27001:2022
ISO 27001:2022 is the latest version of the ISO’s (International Organisation for Standardization) common framework to manage information security within an organization. The basic objective of the ISO 27001 standard is to help establish and maintain an effective information security management system that has a defined continual improvement approach to ensure it can grow and change along with the business and the technologies used. Calligo’s implementation of ISO 27001:2022 intends to protect the confidentiality, integrity and availability of the information assets that are stored within our platform, ensuring that we continue to maintain the highest levels of security and privacy regardless of jurisdiction.
View Certificate
ISO 9001:2015 Certified
ISO 9001:2015 Certified
ISO 9001 helps ensure that customers receive consistent, good quality products and services. At Calligo, we have built out our ISO 9001 QMS to provide a solid scalable framework for managing our business, delivering efficiency through repeatable, safe, high-quality processes. The QMS touches all of the key areas within the organisation. This includes our “client facing” areas, Sales, Marketing, Service Delivery, Project Management, and Audit & Compliance and our “run the company” areas, such as Purchasing, HR, Health & Safety, and Corporate Governance. Calligo ensures that every business unit is covered.
View Certificate
Cyber Essentials
Cyber Essentials
The Cyber Essentials scheme is a cyber security standard from the UK’s National Cyber Security Centre. It identifies the security controls that an organisation must have in place within their IT systems in order to address cyber security effectively and mitigate the risk of data security threats.

Data Privacy

CIPM
CIPM
The Certified Information Privacy Manager accreditation shows that our teams are leaders in privacy program administration across the entire data lifecycle. Core to this qualification is the practical ability to implement privacy policies into day-to-day operations, including structuring the privacy team, implementing privacy program frameworks, communicating to stakeholders and measuring performance.
CIPP/C & CIPP/E
CIPP/C & CIPP/E
The Certified Information Privacy Professional (CIPP) qualification shows that both the internal and external Calligo team is qualified in jurisdictional laws, regulations and enforcement models, plus the legal requirements for handling and transferring data. Calligo team members hold credentials for both Canada and Europe.
GDPR
GDPR
We comply with the principles of the EU General Data Protection Regulation (GDPR), as well as the UK Data Protection Act 2018, the Data Protection (Jersey) Law 2005, the Data Protection (Bailiwick of Guernsey) Law 2001 and the Privacy and Electronic Communications (EC Directive) Regulations 2003. Calligo is also ISO 17024-accredited as well as EU GDPR F and EU GDPR P qualified.