Driftrock and Data Protection

An overview of Driftrock's data protection policy and our ISO27001 Certification.

What sets Driftrock apart from other providers

As an official Facebook Marketing Partner for AdTech and Audience Onboarding and a LinkedIn Marketing Partner, Driftrock is uniquely positioned to help businesses manage and sync leads from Facebook and LinkedIn.

As well as lead sync technology with downstream measurement for social channels, we also give you real-time push, 10 minute backup sync, up to date Facebook API upgrades, CRM API upgrades, 99.9% uptime, and an online interface to manage sync and campaign settings.

Driftrock is ISO27001 Certified, and have significant Information Security policies and procedures in place. For the lead sync technology, Driftrock is classified as a Data Processor, where we transform and map the leads to your CRM system. The process usually takes <1 second, and we destroy the data instantly after a successful sync. Until the data is ready for transfer, any leads generated remain under control by Facebook.

For automated audience syncing, again Driftrock does not store any PII data and again acts as a Data Processor. The data is pulled from your CRM every 3 hours, it's then hashed using SHA256 hashes and matched with the respective social channels hashes.

Our Data Policy

Driftrock has spent a lot of time in the past year becoming the best in its field with regards to data protection and information security. We were super ecstatic to have recently obtained our ISO27001 certification, with zero issues. This audit highlighted the robustness of our information security processes.

So what does this all mean?

Driftrock is a data processor, as accessed and registered with the Information Commissioners Office.

As a data processor, Driftrock obtains and records information on behalf of data controllers (i.e. our clients). The difference here being that as a data processor, unlike a data controller we do not determine the purposes for which, and the manner in which any personal is processed.

Due to the speed in which a lead enters our lead processing system to the data being deleted, we do not store PII data. We use the most advanced methods of data and information protection through each of the transitions in the process, as was tested in our ISO audit.