Request demo

Security & Compliance

Back to legal

Introduction

MediaLab is fully committed to security and ensuring your media (and other data) stays safe and that you keep control. We employ industry standards and best practices to ensure our services can be relied upon by customers worldwide.

Compliance

ISO 27001

MediaLab maintains an Information Security Management System that has been successfully assessed as per the requirements of ISO/IEC 27001:2022. For more information, please visit our Trust Center.

GDPR / CCPA

MediaLab is developed to comply with all requirements stated by the GDPR and the CCPA.

MediaLab is a Dutch registered company and is registered with the Dutch Chambers of Commerce (Kamer van Koophandel) (52696308).

Vulnerability Disclosure Policy

MediaLab maintains a public Vulnerability Disclosure Policy.

We take vulnerability disclosures extremely seriously. Once disclosures are received, we will respond to your report promptly, and work with you to understand and validate your report. We will work to remediate discovered vulnerabilities in a timely manner, within our operational constraints.

Penetration Testing

MediaLab undergoes annual grey box penetration testing by a third-party agency as well as regular vulnerability scanning. Penetration testers are given a user account to allow testing product-specific features including RBAC and tenant isolation. Application-level tests are performed on a dedicated platform to isolate any issues, while all vulnerability scanning run against our production environment. Information about any security vulnerabilities successfully exploited through penetration testing is used to set mitigation and remediation priorities. A summary of our latest penetration test findings can be requested by our enterprise customers through our Trust Center.

Corporate Security

Security Policies

MediaLab maintains a comprehensive set of documented Security Policies in our Information Security Management System.

Our policies are designed in accordance with ISO 27001 and are updated on an ongoing basis and reviewed annually.

To access our policies and certificates, please refer to our Trust Center.

Incident Response

MediaLab maintains a public status page at https://status.medialab.co which reports on operational issues and scheduled maintenance.

Users can subscribe to updates from the status page. Operational issues will also be communicated through the MediaLab application with a status widget.