Security & Compliance
bizSupply is built and operated by Infosistema, certified to ISO/IEC 27001 (information security) and ISO 9001 (quality management). Below: the certifications themselves, the security pillars that back them, and how to reach us if you need certificate copies or a security review for procurement.
Audited annually by independent certification bodies. Coverage extends across all Infosistema products and services. Certificate copies and full scope statements available on request — email privacy@infosistema.com.
Information Security Management
Quality Management
The certifications above don't tell you what we actually do. These are the operating controls that back them.
TLS 1.2+ in transit, AES-256 at rest. Data and credentials are never stored in plaintext.
Role-based access control with per-workspace scoping. No standing admin credentials; production access is time-bound and audited.
Contract data, vendor records, and analytics live in tenant-scoped storage. We do not use Customer Data to train models or for any purpose outside service delivery.
Every privileged action and data export is logged with actor, timestamp, and outcome. Logs are retained per the data-retention policy in the Privacy Policy.
Hosted on Google Cloud Platform with EU and US regions. EU customers stay in europe-west1; US customers stay in us-central1.
Documented runbooks for credential rotation, history-scrub, and breach notification (72 hours per GDPR). Both production servers are monitored continuously.
Procurement teams and security reviewers can request ISO certificate copies, scope statements, and our standard Data Processing Agreement (DPA). For ongoing platform privacy questions see the Privacy Policy.
