Information Security and Data Protection

Our technology connects data to and from marketing channels to achieve groundbreaking results, while protecting the privacy of end consumers.

To achieve this we process large amounts of personal data. A responsibility we take very seriously. We’ve invested heavily in our infrastructure, policy, procedure and certifications as a result.

Driftrock is GDPR Compliant

GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states

Driftrock is ICO

The ICO regulates data protection in the UK‍

Driftrock is ISO 27001 & 9001 Certified

ISO 27001 is an internationally recognised specification for an Information Security Management System

Trusted by world-leading, data driven brands

University of Birmingham

Data Protection and Compliance

Driftrock makes it easy for you and your compliance teams to review and manage information security and data protection risk.

Reach out if you require further information packs, data protection impact assessment overviews or need to conduct a detailed security audit.

ISO 27001 & ISO 9001


Driftrock is  ISO 27001 Information Security and ISO 9001 Quality Management Certified.

General Data Protection Regulation (GDPR)


Driftrock is GDPR Compliant with the latest data privacy regulations working with our Data Protection Officer to continuously update our policies and procedures.

Data Subject Access Requests (DSAR)


Driftrock makes it easy for our customers to comply with DSARs. We comply with DSAR (data subject access request) granting individuals the right to access their personnel data and requesting information about how their personal data are being processed.

Please contact us for details on making DSARs for your end-users.

Information Commissioner's Office (ICO)


Driftrock is ICO registered under number ZB049770

Information Security features

Single Sign-On SSO


Driftrock’s customers can sign-up using your Google or Microsoft Single Sign-on services for additional control and security.

Two Factor Authentication


Enterprise customers can enable additional two-factor security using your favourite Authenticator app.

Access Rights


Administrators can assign permission levels to manage who has access to settings and data in the Driftrock platform.

Data Visibility & Access


You can choose how data is accessed in your Driftrock account. Administrators can assign trusted team members to view and access personal data, whilst providing a safe environment for those that do not need to view or access personal data.

Data Storage


As well as visibility and access of data, you have full control over the way that Driftrock processes and stores leads and actions. For example, set personal data fields to automatically delete after a maximum of 30 days.