# ISO/IEC Certification

As part of our information security management system (ISMS), Twilio is certified under ISO/IEC 27001, a management system that provides specific requirements and practices intended to bring information security under management control. In addition, we have attestations to ISO/IEC 27017 and ISO/IEC 27018, internationally recognized codes of practice that provide guidance on controls to address cloud-specific information security threats and risks as well as for the protection of personally identifiable information (PII). Our compliance with these standards assures your protection in many ways:

* Your data and environment are protected and separated from other customers
* Twilio is committed to alignment with globally recognized best practices and maintains a system of precise controls to ensure the integrity of its cloud services
* Physical media are managed and controlled to protect Twilio customers' data
* Your data won't be used for marketing/advertising without consent
* You know what's happening with your PII
* We comply only with legally binding requests for disclosure of customer data
* Twilio provides customers the ability to manage their data; you control your data and know where it is stored

## ISMS Scope

All publicly available Twilio services and features are in scope.

## Learn More

Visit iso.org to learn more:

* [ISO/IEC 27001](https://www.iso.org/isoiec-27001-information-security.html)
* [ISO/IEC 27017](https://www.iso.org/standard/43757.html)
* [ISO/IEC 27018](https://www.iso.org/standard/76559.html)