Pipedrive Passed ISO 27001 Surveillance Audit and Received First Ever ISO 27701 Certification, Reinforcing Commitment to Privacy and Security Management

Press contact:
press@pipedrive.com

Pipedrive, the easy and effective CRM for small businesses, today announced that it has successfully passed the globally recognized ISO 27001:2013 surveillance audit for information security management and achieved its extension, ISO 27701:2019, for privacy information management, addressing its role as both a data processor and data controller. The certifications highlight Pipedrive’s unwavering commitment to upholding the highest international standards for security and privacy, providing its customers with enhanced confidence that their data is handled securely and responsibly.

“Achieving ISO 27701 certification for privacy information management is a significant milestone for Pipedrive. It underscores our steadfast commitment to protecting personal data and demonstrates that we have strong, measurable systems in place for managing security and privacy at scale,” said Phil Mellet, General Counsel at Pipedrive.

“World-class infrastructure alone is not enough – it must be paired with the highest standards for security and privacy to deliver real value. At Pipedrive, we aspire to be seen as a benchmark for the SaaS industry when it comes to protecting information and privacy. By renewing ISO 27001 and achieving ISO 27701 certifications, we reaffirm our position as a trusted partner for our customers, showing that we don’t just meet expectations – we exceed them. Our customers can rest assured that their data is handled with the utmost care, backed by systems that are continuously improved and independently validated,” continued Mellet.

ISO 27001 establishes a framework for managing and safeguarding information security through a rigorous Information Security Management System (ISMS), while ISO 27701 expands this scope to include Personally Identifiable Information (PII) and privacy information management. Together, they ensure that Pipedrive has robust, effective programs in place to protect sensitive information, aligned with global privacy regulations like GDPR. Additionally, the certifications establish Pipedrive’s adherence to continuous improvement. This is particularly relevant in today’s evolving digital landscape, where privacy frameworks play a crucial role in ensuring responsible AI governance and compliance with regulations worldwide.

In addition to ISO 27001 and ISO 27701 certifications, Pipedrive has successfully renewed its SOC 2 Type II and SOC 3 Type II audits, underscoring the intrinsic connection between security and privacy.

For customers, this milestone means:

• Peace of mind: Independent auditors have validated Pipedrive’s systems and frameworks, affirming that data entrusted to the platform is managed responsibly.
• Global alignment: Pipedrive’s privacy and security practices align with international regulations like GDPR, strengthening trust in the platform’s ability to keep pace with evolving requirements.
• Commitment to continuous improvement: Maintaining these certifications ensures that Pipedrive’s privacy and security programs evolve to address new challenges and opportunities.

Pipedrive’s ISO certifications and SOC 3 audit report are available in the company’s Trust Center, providing full transparency and easy access for customers and stakeholders. To learn more about the ISO 27701 framework, please visit here.

About Pipedrive

Founded in 2010, Pipedrive is the easy and effective sales CRM that drives small business growth. Today, Pipedrive is used by revenue teams at more than 100,000 companies worldwide. Pipedrive is headquartered in New York and has offices across Europe and the US. The company is backed by majority holder Vista Equity Partners, and Bessemer Venture Partners, Insight Partners, Atomico, and DTCP. Learn more at www.pipedrive.com.

View source version on businesswire.com: https://www.businesswire.com/news/home/20250115143917/en/