ISO 27001 Certification

Data Security Qualifications and Compliance



We take information security seriously


As a data company, we understand the importance of keeping your data secure. Customology is ISO 27001 certified to reassure you that your data and information is protected. This is the international standard that specifies the requirements for implementing, maintaining and continually improving an information security management system. We take all reasonable steps to protect the confidentiality, integrity and availability of the data and information we hold.


Achieving ISO 27001


  • Shows Customology takes a ‘best practice’ approach to data security management
  • Indicates Customology can be trusted to manage its risks and security
  • For our clients, stakeholders and employees shows that we take security seriously and make every effort to protect data and information


Protecting your data


We have always made security a priority when it comes to data, and gaining ISO certification adds to the many measures we’ve implemented, which includes encryption, monitoring and surveillance, and regular security audits to identify and manage threats.


Customology achieved and maintains certification by developing and implementing a robust security management program, including a comprehensive Information Security Management System (ISMS). This is the basis of the framework for all procedures and policies addressing information security throughout our organisation.


This includes integrating, storing, analysing and segmenting contact, activity, and transactional data of sensitive customer information in accordance with its business objectives by:


  • Communicating, developing, and implementing objectives, policies and processes to ensure confidentiality, integrity and availability of all critical information data and information processing facilities
  • Complying with statutory and regulatory requirements, contractual security obligations, and other applicable requirements
  • Maintaining appropriate systems to ensure integrity and protection against unauthorised alteration or destruction
  • Managing security incidents effectively by establishing security incident response plans
  • Implementing controls for identified risks, threats and vulnerabilities
  • Establishing, implementing and testing of business continuity plans; and
  • Continually improving the ISMS


We are committed to information security, our ISO certification is not a ‘set and forget’ or a ‘one-time effort’. The security of data is an ongoing priority for us, and the formal certification requires regular internal checks as well as formal external audits every year.


Privacy Act & GDPR


Customology handles, uses, and manages data in accordance with the Australian Privacy Principles (APPs) and the General Data Protection Regulation (GDPR), including the Notifiable Data Breach schemes. We work closely with all parties to ensure they understand their responsibilities with respect to privacy and information security. We only collect as much data as is required to provide our services in an efficient and effective manner. We do not share data or disclose data to non-authorised parties. We only use (process) customer data in accordance with our agreed scope of services. 


Government online safety precautions



Cyber security and the threat of phishing


Customology Pty Ltd 

ACN 611 188 393 

ABN 58 611 188 393 

Head Office: 61 Southgate Ave, Cannon Hill QLD 4178 

Australia Mailing Address: PO Box 2456, Mansfield QLD 4122 

Australia Phone: 1300 254 549 or +61 (7) 3902 7700 




Customology is a division of the GJI Group