Security, Privacy and Compliance

With increasing ease of access to data comes the question of data security and ethics. And so, we’ve got you covered. Our data architecture framework safeguards your data from hacking and minimizes fraud. We pride ourselves in informing you that our security framework complies with the GDPR framework and is widely recognized in 100+ countries.

Your Data, Our Priority

Every data that we maintain in our organization - our user’s data, the data of enterprises we do businesses with and our own data is covered by data theft insurance subjected to specific organization parameters. We are your go-to partner for your data channelization. Your security is our vision. We take inspiration from the following global standards.


ISO27001 is an international standard to manage information security. Certification to the ISO27001 indicates that our Information Security Management System (ISMS) is aligned with the best security practice in place. As part of the ISO27001 security standard, we establish, implement, operate, monitor, maintain and review our ISMS.

SOC 2 Type II

The SOC 2 Type II certification assesses how we comply with the five trust principles of operating systems and processes in place. These five principles are security, availability, integrity, confidentiality and privacy. As a SOC 2 Type II certificate holder, we sec


As a withholder of ISO27018 certification, a standard exclusively for data privacy in cloud computing, we strive to control and implement guidelines to protect Personally Identifiable Information (PII). Through ISO27018, we seek to improve security and legal protection continually.


Ensuring your data is safe and always available to you is our top priority. For customers who are subject to the Health Insurance Portability and Accountability Act (HIPAA) requirements, My Data My Consent supports HIPAA compliance. Users who are subject to HIPAA and wish to use our platform must sign a Business Associate Agreement with My Data My Consent.

EU-US Privacy Shield Framework

The EU-US Privacy Shield is a framework to regulate the exchange of personal data for commercial purposes. This framework elaborates on the seven major principles to follow when guarding the privacy of individuals. These seven significant principles range from accountability, security to data integrity, enforcement and liability. We’re delighted to be compliant with the EU-US Privacy Shield framework


The Cloud Security Alliance (CSA) supports the Security, Trust and Assurance Registry (STAR). It is a publicly accessible registry for cloud service providers to publish their CSA-related assessments. The Gold CSA Star certificate allows information security management in the following areas - infrastructure, development, security, operations, and support.


What our Customers Say

Srinivas Varma

API Integration Lead

Our engineers don’t have to build the interfaces, they don’t have to build all the security around it, … they don’t have to deal with managing & verifying our customers genuineness when they onboard & use our platform & services. All thanks to My Data My Consent.

Nidhi Maheta

Senior Banking Manager

The top benefit to us of using My Data My Consent was certainly the simplicity of the solution. The easy to integrate developer friendly APIs made our organization to appear as a document and financial account provider on My Data My Consent Platform in hours. Happy to see our customers there.


The General Data Protection Regulation (GDPR) is the primary law that regulates how companies protect EU citizens' private data. My Data My Consent caters to users internationally; hence, we are proud to comply with the GDPR framework to protect and regulate our international users’ data.

  • Any personal data usage is communicated to the user or the business, and proper consent is acquired.
  • We follow relevant protocols under specific guidelines to ensure data compliance.
  • All third parties, new vendors, assets and business activities concerning transactions and personal data are subject to the privacy, security and compliance review.
  • Personal data is thoroughly protected and stored safely.


  • Product Security
  • Access Management
  • Security Monitoring
  • Endpoint protection
  • Incident Response
  • Infrastructure management
  • Data encryption
  • DDoS protection

Reach Us

Contact My Data My Consent’s security team directly at:

[email protected]


Download our PGP Key which allows you to send us encrypted emails.

Download our PGP Key

Report a Vulnerability

Report in our vulnerability disclosure program.



Ready to get started? Get in touch or create an account.

Sign-Up Now