Overview
Piano's data privacy and protection team is led by our Chief Security Officer, who as a top-level executive, ensures that our platform can be configured to meet all industry and government standards for data security. This guarantees that privacy and protection are a primary requirement for our software. All Piano software systems are hosted in industry standard data centers in secure facilities with both local and regional redundancy to make data loss nearly impossible.
Piano collects and processes personal data as part of our content and subscription management services. To this end, we may process user data for the following reasons:
-
as part of data hosting services
-
for data analysis to help you better understand your audience
-
as part of messaging and communications features
-
for analysis of user preferences for product or service improvement
-
to provide access to customer service and support resources
-
to detect and prevent abuse of your media content
-
to provide a user-requested service or in accordance with the express consent of such users
Piano maintains an Information Security Management System (ISMS) based on the standard ISO/IEC 27001:2022 which is designed to ensure that the data safeguards established for compliance are maintained. Our ISMS is supported by established Piano Software Information Security Policy (ISP), which is designed to ensure that the data safeguards established for compliance are maintained.
ISP is applicable to all Piano team members, agents, contractors, representatives, and other parties that have access to private data. The Piano Software Information Security Policy covers ISO 27001:2022 Annex A controls:
-
Organization of information security
-
Human resource security
-
Asset Management
-
Access Control
-
Cryptography
-
Physical and environmental security
-
Operations security
-
Communications security
-
System acquisition, development and maintenance
-
Supplier relationships
-
Information security incident management
-
Information security aspects of business continuity management
Our Information Security Management System covers also:
-
Risk management
-
Employee awareness
-
Periodical measurement and evaluation of the Information security framework effectiveness