Information security policy

Valid from September 29, 2025

Information security policy

Valid from September 29, 2025

Information security policy

Valid from September 29, 2025

At Tolgee, we care deeply about keeping information safe – whether it’s our own or data you entrust to us. That’s why we follow the international standard ISO/IEC 27001:2022 Information security, cybersecurity and privacy protection and have established a few clear, practical principles for how we approach information security.

WHAT DOES THAT MEAN IN PRACTICE?

We want our products to be high-quality, modern, and secure. To make that happen, we commit to the following:

  • We build and continuously improve our security system, so it meets legal, industry, and customer expectations.

  • We set specific, measurable security goals and regularly check how we're doing. If needed, we update them to stay relevant and effective.

  • We identify and assess risks – and act early to reduce or eliminate them.

  • We provide the necessary resources – people, tech, finances – to maintain strong security.

  • We support our security team in learning and growing their skills.

  • We raise security awareness throughout the company, so everyone knows how to handle information responsibly.

  • We keep our documentation clear and easy to use, to help – not hinder – day-to-day work.

  • We have plans in place for service disruptions, to minimize downtime and get back on track quickly.

  • We focus on prevention, not just fixing issues – and when something does go wrong, we analyze it and improve.

  • We stay up to date with new technologies that can help us meet our security goals.

  • We regularly review our entire security system, so we can keep improving and stay ahead of potential changes.

WHAT DOES THAT MEAN IN PRACTICE?

We want our products to be high-quality, modern, and secure. To make that happen, we commit to the following:

  • We build and continuously improve our security system, so it meets legal, industry, and customer expectations.

  • We set specific, measurable security goals and regularly check how we're doing. If needed, we update them to stay relevant and effective.

  • We identify and assess risks – and act early to reduce or eliminate them.

  • We provide the necessary resources – people, tech, finances – to maintain strong security.

  • We support our security team in learning and growing their skills.

  • We raise security awareness throughout the company, so everyone knows how to handle information responsibly.

  • We keep our documentation clear and easy to use, to help – not hinder – day-to-day work.

  • We have plans in place for service disruptions, to minimize downtime and get back on track quickly.

  • We focus on prevention, not just fixing issues – and when something does go wrong, we analyze it and improve.

  • We stay up to date with new technologies that can help us meet our security goals.

  • We regularly review our entire security system, so we can keep improving and stay ahead of potential changes.

WHAT DOES THAT MEAN IN PRACTICE?

We want our products to be high-quality, modern, and secure. To make that happen, we commit to the following:

  • We build and continuously improve our security system, so it meets legal, industry, and customer expectations.

  • We set specific, measurable security goals and regularly check how we're doing. If needed, we update them to stay relevant and effective.

  • We identify and assess risks – and act early to reduce or eliminate them.

  • We provide the necessary resources – people, tech, finances – to maintain strong security.

  • We support our security team in learning and growing their skills.

  • We raise security awareness throughout the company, so everyone knows how to handle information responsibly.

  • We keep our documentation clear and easy to use, to help – not hinder – day-to-day work.

  • We have plans in place for service disruptions, to minimize downtime and get back on track quickly.

  • We focus on prevention, not just fixing issues – and when something does go wrong, we analyze it and improve.

  • We stay up to date with new technologies that can help us meet our security goals.

  • We regularly review our entire security system, so we can keep improving and stay ahead of potential changes.

WHAT’S THE FOUNDATION OF ALL THIS?

It all comes down to three key principles:

  • Confidentiality: we handle information sensitively, considering the rights of individual users.

  • Integrity: data must remain unchanged and accurate.

  • Availability: we have the necessary information available when we need it.

WHAT’S THE FOUNDATION OF ALL THIS?

It all comes down to three key principles:

  • Confidentiality: we handle information sensitively, considering the rights of individual users.

  • Integrity: data must remain unchanged and accurate.

  • Availability: we have the necessary information available when we need it.

WHAT’S THE FOUNDATION OF ALL THIS?

It all comes down to three key principles:

  • Confidentiality: we handle information sensitively, considering the rights of individual users.

  • Integrity: data must remain unchanged and accurate.

  • Availability: we have the necessary information available when we need it.

Product

Sign up

Book a demo

Documentation

Roadmap

Pricing

Community

Slack

GitHub discussions

Docker hub

Npm

OSS friends

Company

We are hiring

Why open-source

Blog

Contact us

Privacy policy

Terms & conditions

Cookie statement

Information security policy

©

2025

Tolgee

All rights reserved.

Slack

GitHub discussions

Docker hub

Npm

OSS friends

Privacy policy

Terms & conditions

Cookie statement

Information security policy

©

2025

Tolgee

Product

Sign up

Book a demo

Documentation

Roadmap

Pricing

Community

Slack

GitHub discussions

Docker hub

Npm

OSS friends

Privacy policy

Terms & conditions

Cookie statement

Information security policy

©

2025

Tolgee

All rights reserved.