Hos TomTom Telematics er vi engagerede i informationssikkerhed og datafortrolighed. Vi investerer løbende i vores tekniske arbejde, gennemprøvede teknologier, processer og mennesker, så vi altid kan give dig de mest pålidelige telematics-tjenester på markedet. Som en af verdens største leverandører af telematics-tjenester er det vigtigt med løbende investering i vores tjeneste. For at sikre os, at vi er den bedste partner for din virksomhed – nu og i fremtiden – arbejder vi hele tiden på at forbedre os.

Reasons for TomTom Telematics

ISO/IEC 27001:2013 Certified Scope

Has established and applies an Information Security Management System according to the »Statement of Applicability« for Architecture, Engineering, Quality Assurance, as well as IT operations of the TomTom Telematics Service Platform including Business Continuity Management provided to the TomTom Telematics BV, at the Technology Headquarters and at our secure Data Center co-locations in Germany. This is in accordance with the ISO/IEC 27001:2013 Statement of Applicability version 02/11/2016.

ISO27001 certified scope

»The ISO/IEC 27001:2013 certification underpins that we’re in complete control of our processes and even more importantly, that our client data is in safe hands, which is crucial for us providing a business critical fleet management “Software as a Service” (SaaS) solution.«

Information Security Management System

The cornerstone of TomTom Telematics’ commitment to information security is our set of security policies and programmes. Based on our rigorous risk management programme our policy aligns security with operations across the following topics:

Information security policies

Information Security Policies

A detailed set of security policies designed to provide management direction and support of the information management system and all operational activities with respect to the TomTom Telematics Service Platform.

Organisation of information security

Organisation of Information Security

Information Security is everyone’s business.Employment of a full-time information security team to provide compliance and governance of the ISO/IEC 27001:2013 in addition to alignment with the German Data Protection Act is at the foundation of the organisation of information security. All of our employees play an integral part in supporting the information security management system.

Human resources

Human Resources

Security in the employment life cycle is critical to ensure that security is emphasized prior, during, and after the termination of employment.

Asset management

Asset management

Inventory, ownership, and maintenance of all our assets throughout the life cycle is important to ensure that assets are categorised, labelled, and assigned risk owners to ensure that all assets including those with company IP or customer data are handled in a correct and secure way to maintain security.

Access control

Access Control

Through authentication / authorisation controls and identity management, all access is limited to a need-to-have basis. Additional controls assist to prevent unauthorised access for example system logging and monitoring which provides real-time detection across our security perimeter.



We invest in state of the art hardware and software solutions including proven cryptographic technologies in order to protect the confidentiality, integrity and availability of our customer’s data as well as our operational systems.

Physical and environmental security

Physical and Environmental Security

We place great value on ensuring physical and logical separation is maintained in the TomTom Telematics Service Platform. This includes ensuring that the physical location in which information assets are located are protected from unauthorised access, and that equipment is protected from environmental conditions to prevent the failure of services to our customers.

Communications security

Communications Security

The protection of physical and virtual assets is critical to a secure telematics solution. This also includes maintaining a secure communications network and the facilities from which the network is hosted for secure transfer of the data between your vehicle and our TomTom Telematics Service Platform backend.

Operational security

Operational Security

TomTom Telematics operates two independent data centres in the European Union due to the high level of data privacy standards required. Our active / active configuration also ensures the highest availability including full disaster recovery.

  • Malware prevention
  • Monitoring
  • Vulnerability / patch management
  • Penetration testing
  • Incident management
  • Network security
  • Secure tape off-site storage
  • System hardening

Systems Acquisition, Development & Maintenance

As a software company, all of our products depend on secure coding principles and processes to ensure an agile product life cycle.

Teknisk arbejde

Analyse af softwaredesign

Fuldendt udvikling

Statisk inspektion af kode


Dynamisk analyse af programmet


Implementering og stabilisering af programmet

The TomTom Telematics Service Platform Life Cycle includes:

  • Peer reviewed design and coding
  • Style guidelines
  • QA / load testing
  • Release management
  • OWASP Top 10 and SANS Top 25 static code reviews

In addition, we facilitate the following programmes to secure our engineering perimeter:

  • Security education for our engineering work force
  • Implementation-level security testing and review
  • System hardening
  • Vulnerability / Patch management
  • Penetration testing
Supplier Relationships

Supplier Relationships

Securing the external risks on the edge of our scope helps to ensure that no additional risk is added to the organisation through our partners or suppliers. When possible, we select suppliers who are ISO/IEC 27001:2013 certified, as well as actively monitor our suppliers in order to maintain a secure working relationship and to be aware of changes to their environments which could affect our secure operations.

Information Security Incident Management

Information Security Incident Management

Should a security incident occur, it is important to have an effective approach for managing the incident, which includes the communication to all interested parties, as well as the internal reporting of security weaknesses which help support a secure perimeter.

Information Security Aspects of Business Continuity Management

Information Security Aspects of Business Continuity Management

We manage a detailed Business and Information Security Continuity programme to ensure that the TomTom Telematics Service Platform will be available to our customers even in the event of a disaster. Through our Active/Active data centre configuration, the probability of a major disaster in both centres is unlikely as each centre can maintain our entire operation if necessary which means you can rely on the TomTom Telematics Service Platform service being available when you need it.

Compliance and data privacy

Compliance and Data Privacy

TomTom Telematics is controlled and audited to ensure data privacy compliance by our Data Privacy Officer (DPO) which is aligned with the EU GDPR as well as all other relevant data protection legislation.

Our ISMS Security team performs regular reviews of legal or security requirements which might have an effect on the TomTom Telematics Service Platform or our information security management system.

  • Maximum security and integrityYour data is in safe hands with our ISO/IEC 27001:2013 certified system.
  • Protecting driver privacyWith our focus on data privacy, we have worked together with data privacy groups and work councils to demonstrate our commitment to your privacy.
  • Data deletionData is marked as dereferenced and overwritten in the event of data deletion to prevent that the data should be accessible by any other parties.
  • Data retentionWe retain precise position data tracks for ninety (90) days, and three (3) years for log book, dashboards, and reporting.
  • Choose integrity. Protect the environment.We do our part to provide you a secure platform, which allows you to save costs while doing your part for the environment.

Download dataark for 

Få mere at vide om vores platform. Anmod om opkald.