CINXE.COM
HERE's Certifications and Attestations | Legal, security, privacy and compliance
<!DOCTYPE html> <html lang="no-no" dir="ltr"> <head> <meta charset="utf-8" /> <meta name="Generator" content="Drupal 10 (https://www.drupal.org)" /> <meta name="MobileOptimized" content="width" /> <meta name="HandheldFriendly" content="true" /> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /> <meta http-equiv="x-ua-compatible" content="ie=edge" /> <link rel="icon" href="/themes/custom/legal_bootstrap/favicon.ico" type="image/vnd.microsoft.icon" /> <link rel="alternate" hreflang="en-gb" href="http://legal.here.com/en-gb/certifications-and-attestations" /> <link rel="canonical" href="http://legal.here.com/en-gb/certifications-and-attestations" /> <link rel="shortlink" href="http://legal.here.com/en-gb/node/541" /> <title>HERE's Certifications and Attestations | Legal, security, privacy and compliance</title> <link rel="stylesheet" media="all" href="/core/modules/system/css/components/align.module.css?srhas0" /> <link rel="stylesheet" media="all" href="/core/modules/system/css/components/fieldgroup.module.css?srhas0" /> <link rel="stylesheet" media="all" href="/core/modules/system/css/components/container-inline.module.css?srhas0" /> <link rel="stylesheet" media="all" href="/core/modules/system/css/components/clearfix.module.css?srhas0" /> <link rel="stylesheet" media="all" href="/core/modules/system/css/components/details.module.css?srhas0" /> <link rel="stylesheet" media="all" href="/core/modules/system/css/components/hidden.module.css?srhas0" /> <link rel="stylesheet" media="all" href="/core/modules/system/css/components/item-list.module.css?srhas0" /> <link rel="stylesheet" media="all" href="/core/modules/system/css/components/js.module.css?srhas0" /> <link rel="stylesheet" media="all" href="/core/modules/system/css/components/nowrap.module.css?srhas0" /> <link rel="stylesheet" media="all" href="/core/modules/system/css/components/position-container.module.css?srhas0" /> <link rel="stylesheet" media="all" href="/core/modules/system/css/components/reset-appearance.module.css?srhas0" /> <link rel="stylesheet" media="all" href="/core/modules/system/css/components/resize.module.css?srhas0" /> <link rel="stylesheet" media="all" href="/core/modules/system/css/components/system-status-counter.css?srhas0" /> <link rel="stylesheet" media="all" href="/core/modules/system/css/components/system-status-report-counters.css?srhas0" /> <link rel="stylesheet" media="all" href="/core/modules/system/css/components/system-status-report-general-info.css?srhas0" /> <link rel="stylesheet" media="all" href="/core/modules/system/css/components/tablesort.module.css?srhas0" /> <link rel="stylesheet" media="all" href="/themes/custom/legal_bootstrap/css/style.css?srhas0" /> <link rel="stylesheet" media="print" href="/themes/custom/legal_bootstrap/css/print.css?srhas0" /> <link rel="stylesheet" media="all" href="/themes/custom/legal_bootstrap/css/jquery-ui.css?srhas0" /> </head> <body class="layout-one-sidebar layout-sidebar-first page-node-541 path-node node--type-legal-page"> <a href="#main-content" class="visually-hidden-focusable"> Skip to main content </a> <div class="dialog-off-canvas-main-canvas" data-off-canvas-main-canvas> <div id="page-wrapper"> <div id="page"> <header id="header" class="header" aria-label="Site header"> <nav class="navbar" id="navbar-top"> <div class="container-lg"> <section class="region region-top-header"> <a href="/no-no" title="Home" rel="home" class="navbar-brand__logo navbar-brand"> <?xml version="1.0" encoding="utf-8"?> <!-- Generator: Adobe Illustrator 20.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --> <svg version="1.1" id="HERE_x5F_Logo_x5F_2016" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" viewBox="0 0 283.5 258" style="enable-background:new 0 0 283.5 258;" xml:space="preserve"> <style type="text/css"> .st0{fill:#48DAD0;} .st1{fill:#FFFFFF;} </style> <path class="st0" d="M78.3,218.9L39.1,258L0,218.9L78.3,218.9z"/> <path class="st1" d="M272.2,39.9c-7.6,11.4-23.4,31.8-38.6,16.6l35.2-35.1c-1.8-2-4.3-5-6.1-6.8c-18.9-19-40.3-19.2-57-2.6 c-11.1,11.1-13.9,23.6-10.6,35.5l-10.8-12.3c-3.2,1.8-16.7,12.3-6.6,30.3l-12.6-9.2l-16.7,16.7l22.1,22.2 c-17.3-13.4-35.9-12-50.9,2.9c-16.6,16.5-14.7,36.3-1.7,52.5l-8.7-8.7c-10.9-10.9-25.2-9.3-34.9,0.4c-6.6,6.6-9.8,14.8-9.5,24.6 l-36-36L9.7,150.1l68.6,68.8l38.3,0l-29.8-29.9c-11.6-11.6-7.6-23-4.7-25.9c3.6-3.6,7.8-3.4,12.1,0.9l38.6,38.7l18.6-18.5 l-23.7-23.8c16.8,13.7,37,15.2,55.3-3c0.1-0.1,0.2-0.2,0.3-0.3l0,0c10.9-10.1,14.1-19.9,14.1-19.9L186.1,126 c-7.6,11.4-23.4,31.8-38.6,16.6l35.1-35l23,23.1l19.2-19.2l-27.2-27.3c-12.8-12.8-5.2-24.8,0.1-29.4c2.5,5.2,6.2,10.2,10.8,14.8 c17.8,17.8,40.3,21.8,60.5,1.7c0.1-0.1,0.2-0.2,0.3-0.3l0,0c10.9-10.1,14.1-19.9,14.1-19.9L272.2,39.9z M136.2,131.5 c-8.8-10.4-9-16.2-4-21.2c6.2-6.1,13-2.9,20,3.9l0.6,0.6L136.2,131.5z M218.4,24.2c6.2-6.1,13-2.9,20,3.9l0.6,0.6l-16.7,16.7 C213.5,35.1,213.3,29.3,218.4,24.2z"/> </svg> </a> <div class="navbar-brand__container"> <a href="/no-no" title="Legal, security, privacy and compliance" rel="home" class="navbar-brand__name navbar-brand"> Legal, security, privacy and compliance </a> </div> </section> <div class="form-inline navbar-form ms-auto"> <section class="region region-top-header-form"> <div class="search-block-form block block-search block-search-form-block mb-3" data-drupal-selector="search-block-form" id="block-legal-bootstrap-search-form" role="search"> <form action="/no-no/search/result" method="get" id="search-block-form" accept-charset="UTF-8" class="search-form search-block-form form-row d-flex"> <div class="js-form-item js-form-type-search form-type-search js-form-item-keys form-item-keys form-no-label me-sm-2"> <label for="edit-keys" class="visually-hidden">Search</label> <input title="Enter the terms you wish to search for." data-drupal-selector="edit-keys" type="search" id="edit-keys" name="keys" value="" maxlength="128" class="form-search form-control" /> </div> <div data-drupal-selector="edit-actions" class="form-actions js-form-wrapper form-wrapper" id="edit-actions"><button data-drupal-selector="edit-submit" type="submit" id="edit-submit" value="Search" class="button js-form-submit form-submit btn btn-secondary">Search</button> </div> </form> </div> </section> </div> </div> </nav> <nav class="navbar navbar-dark bg-primary navbar-expand-lg" id="navbar-main"> <div class="container-lg"> <button class="navbar-toggler collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#CollapsingNavbar" aria-controls="CollapsingNavbar" aria-expanded="false" aria-label="Toggle navigation"><span class="navbar-toggler-icon"></span></button> <nav id="CollapsingNavbar" class="collapse navbar-collapse"> <nav aria-labelledby="block-legal-bootstrap-main-menu-menu" id="block-legal-bootstrap-main-menu" class="block block-menu navigation menu--main"> <h2 class="visually-hidden" id="block-legal-bootstrap-main-menu-menu">Main navigation</h2> <ul class="clearfix nav navbar-nav"> <li class="nav-item menu-item--collapsed"> <a href="/no-no/terms" class="nav-link nav-link--no-no-terms" data-drupal-link-system-path="node/603">Terms</a> </li> <li class="nav-item menu-item--collapsed"> <a href="/no-no/privacy" class="nav-link nav-link--no-no-privacy" data-drupal-link-system-path="node/6">Privacy</a> </li> <li class="nav-item menu-item--collapsed"> <a href="/no-no/security" class="nav-link nav-link--no-no-security" data-drupal-link-system-path="node/16">Security</a> </li> <li class="nav-item active"> <a href="/no-no/certifications-and-attestations" class="nav-link active nav-link--no-no-certifications-and-attestations is-active" data-drupal-link-system-path="node/541" aria-current="page">Certifications and Attestations</a> </li> </ul> </nav> </nav> <button class="navbar-toggler navbar-toggler-left collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#CollapsingLeft" aria-controls="CollapsingLeft" aria-expanded="false" aria-label="Toggle navigation"></button> </div> </nav> </header> <div class="highlighted"> <aside class="container-lg section clearfix"> <section class="container-fluid region region-highlighted"> <div data-drupal-messages-fallback class="hidden"></div> </section> </aside> </div> <div id="main-wrapper" class="layout-main-wrapper clearfix"> <div id="main" class="container-lg"> <div class="row"> <!-- required for layout of side regions --> <main class="main-content col order-3 sidebar-offcanvas" id="content"> <section class="section"> <a href="#main-content" id="main-content" tabindex="-1"></a> <div id="block-legal-bootstrap-content" class="block block-system block-system-main-block mb-3"> <div class="content"> <article data-history-node-id="541" lang="en-gb" class="node node--type-legal-page node--view-mode-full clearfix"> <header> <h2 class="node__title"> <a href="/en-gb/certifications-and-attestations" rel="bookmark"><span class="field field--name-title field--type-string field--label-hidden">HERE's Certifications and Attestations</span> </a> </h2> <div class="field field--name-field-effective-date field--type-datetime field--label-inline"> <div class="field__label">Effective date: </div> <div class="field__item"><time datetime="2023-11-17T12:00:00Z" class="datetime">Friday, 17 November, 2023</time> </div> </div> </header> <div class="node__content clearfix"> <div class="clearfix text-formatted field field--name-field-legal-content field--type-text-long field--label-hidden field__item"><p> </p><p><strong>ISO/IEC 27001:2022 - Information Security Management System (ISMS)</strong><img style="float:right;margin-bottom:5px;margin-top:5px;" src="https://here-legal-files-prod.s3.amazonaws.com/files/ISO27001_schellman_150x50px_Sep2022.png" alt="ISO/IEC 27001:2013" width="150" height="50"></p><p>HERE is successfully sustaining a high level of performance securing our environments via systematically evaluating information security risks, taking into account the impact of threats and vulnerabilities; implementing a comprehensive suite of information security controls and maintaining management processes to ensure that the information security controls meet our needs on an ongoing basis. <a href="https://www.iso.org/isoiec-27001-information-security.html" target="_blank"><strong>ISO/IEC 27001:2022</strong></a> is a security standard that outlines and provides the best practices and comprehensive security controls for an Information Security Management System (ISMS) following the<strong> </strong><a href="https://www.iso.org/standard/75652.html" target="_blank"><strong>ISO/IEC 27002</strong></a> best practice guidance.</p><p>View our <a href="https://www.schellman.com/certificate-directory?certificateNumber=1972237-5" target="_blank"><strong>ISO/IEC 27001:2022 certification details</strong></a>.</p><p><em>To verify the status of our certification, query Schellman’s certificate directory located at: </em><a href="https://www.schellman.com/certificate-directory" target="_blank"><em><strong>https://www.schellman.com/certificate-directory</strong></em></a></p><p>HERE has certification for compliance with ISO/IEC 27001:2022, ISO/IEC 27017:2015, and ISO/IEC 27018:2019. These certifications are performed by independent third-party auditors. Our compliance with these internationally recognized standards and codes of practice is evidence of our commitment to information security at every level of our organization, and that the HERE security program is in accordance with industry leading best practices.</p><hr><p> </p><p><strong>ISO/IEC 27701:2019 - Privacy Information Management System (PIMS)</strong><img style="float:right;margin-bottom:5px;margin-top:5px;" src="https://here-legal-files-prod.s3.amazonaws.com/files/ISO27701_schellman_150x50px_Sep2022.png" alt="ISO/IEC 27701:2019" width="150" height="50"></p><p>HERE compliments the widely used ISO/IEC 27001 and ISO/IEC 27002 standards for Information Security Management with the implementation of the Privacy Information Management System. HERE takes privacy into account in the creation and delivery of all our products and services, holding a high standard of honesty, integrity, and ethical conduct in our data processing practices. HERE complies with the requirements of applicable data protection and privacy laws and uses all reasonable measures to protect the privacy of all its users. The requirements and guidelines of Privacy Information Management System, including the additional controls to address as PII Controller and PII Processor, are implemented. HERE’s certification for <a href="https://www.iso.org/standard/71670.html" target="_blank"><strong>ISO/IEC 27701:2019</strong></a> is in the role of a data (PII) processor within its Information Security Management System (ISMS).</p><p>View our <a href="https://www.schellman.com/certificate-directory?certificateNumber=1972237-5" target="_blank"><strong>ISO/IEC 27001:2022 certification details</strong></a>.</p><p><em>To verify the status of our certification, query Schellman’s certificate directory located at: </em><a href="https://www.schellman.com/certificate-directory" target="_blank"><em><strong>https://www.schellman.com/certificate-directory</strong></em></a></p><p>ISO/IEC 27701:2019 is an extension to<strong> </strong><a href="https://www.iso.org/isoiec-27001-information-security.html" target="_blank"><strong>ISO/IEC 27001:2022</strong></a> and <a href="https://www.iso.org/standard/75652.html" target="_blank"><strong>ISO/IEC 27002</strong></a> standards that specifies the requirements and guidelines to establish and continuously improve the Privacy Information Management System (PIMS), including processing of Personally Identifiable Information (PII).</p><hr><p> </p><p><strong>ISO/IEC 27017:2015 - Security Controls for Cloud Services</strong><img style="float:right;margin-bottom:5px;margin-top:5px;" src="https://here-legal-files-prod.s3.amazonaws.com/files/ISO27017_schellman_150x50px_Sep2022.png" alt="ISO/IEC 27017:2015" width="150" height="50"></p><p>ISO/IEC 27017:2015 provides guidance on the information security aspects of cloud computing, recommending the implementation of cloud-specific information security controls that supplement the guidance of the <a href="https://www.iso.org/standard/75652.html" target="_blank"><strong>ISO/IEC 27002</strong></a> and<strong> </strong><a href="https://www.iso.org/isoiec-27001-information-security.html" target="_blank"><strong>ISO/IEC 27001</strong></a> standards. This code of practice provides additional information security controls implementation guidance specific to cloud service providers.</p><p>View our <a href="https://www.schellman.com/certificate-directory?certificateNumber=1972237-5" target="_blank"><strong>ISO/IEC 27001:2022 certification details</strong></a>.</p><p><em>To verify the status of our certification, query Schellman’s certificate directory located at: </em><a href="https://www.schellman.com/certificate-directory" target="_blank"><em><strong>https://www.schellman.com/certificate-directory</strong></em></a></p><hr><p> </p><p><strong>ISO/IEC 27018:2019 - Protection of Personally Identifiable information (PII)</strong><img style="float:right;margin-bottom:5px;margin-top:5px;" src="https://here-legal-files-prod.s3.amazonaws.com/files/ISO27018_schellman_150x50px_Sep2022.png" alt="ISO/IEC 27018:2019" width="150" height="50"></p><p>ISO/IEC 27018:2019 is a code of practice that focuses on protection of personal data in the cloud. It is based on ISO/IEC information security standard 27002 and provides implementation guidance on <a href="https://www.iso.org/standard/75652.html" target="_blank"><strong>ISO/IEC 27002</strong></a> controls applicable to public cloud Personally Identifiable Information (PII). It also provides a set of additional controls through the Annex A control set and associated guidance intended to address public cloud PII protection requirements not addressed by the existing <a href="https://www.iso.org/standard/75652.html" target="_blank"><strong>ISO/IEC 27002</strong></a>.</p><p>View our <a href="https://www.schellman.com/certificate-directory?certificateNumber=1972237-5" target="_blank"><strong>ISO/IEC 27001:2022 certification details</strong></a>.</p><p><em>To verify the status of our certification, query Schellman’s certificate directory located at: </em><a href="https://www.schellman.com/certificate-directory" target="_blank"><em><strong>https://www.schellman.com/certificate-directory</strong></em></a></p><hr><p> </p><p><strong>ISO/IEC 9001:2015 - Quality Management Systems</strong><img style="float:right;" src="https://here-legal-files-prod.s3.amazonaws.com/files/TUV+SUD+ISO+9001+Approved+Logo+112223.gif" alt="ISO/IEC 9001:2015" width="100" height="100"></p><p>ISO 9001:2015 is an international standard specifying requirements for a quality management system (QMS) designed to consistently provide products and services that meet customer and regulatory requirements. The objective is to define, continuously improve systematically, and to measurably achieve or exceed customer and business outcomes. HERE has been certified since 2004 and has continuously evolved and improved the company QMS accordingly.</p><p><em>To verify the status of our certification, query the TÜV SÜD certificate directory located at: </em><a href="https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.tuvsud.com%2Fen-us%2Fresource%2Fcertificate-finder%2Fmanagement-systems-certified-client-list&data=05%7C01%7Cdavid.magnuson%40here.com%7C58ffcfccd6884364333808dbeb789697%7C6d4034cd72254f72b85391feaea64919%7C0%7C0%7C638362676241654821%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=JLrRSjdcxQj%2BworLS9dPV0gID8ErViPw9gIq4OHiqUo%3D&reserved=0"><em><strong>https://www.tuvsud.com/en-us/resource/certificate-finder/management-systems-certified-client-list</strong></em></a><em>, </em></p><p><em>Certificate #:<strong>951235837 </strong>& Customer Name: <strong>HERE Global B.V.</strong></em></p><hr><p> </p><p><strong>ISO 14001:2015 - Environmental Management Systems</strong><img style="float:right;" src="https://here-legal-files-prod.s3.amazonaws.com/files/ISO14001_ISO45001+Approved+Logo.gif" alt="ISO/IEC 9001:2015" width="100" height="100"></p><p>ISO 14001:2015 is an internationally recognized standard for <strong>environmental management systems (EMS)</strong>. It provides a framework for organizations to design, implement, and continually improve their environmental performance. The objective is that organizations can ensure they are taking proactive measures to minimize their environmental footprint, comply with relevant legal requirements, and achieve their environmental objectives.</p><p><em>To verify the status of our certification, query the TÜV SÜD certificate directory located at: </em><a href="https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.tuvsud.com%2Fen-us%2Fresource%2Fcertificate-finder%2Fmanagement-systems-certified-client-list&data=05%7C01%7Cdavid.magnuson%40here.com%7C58ffcfccd6884364333808dbeb789697%7C6d4034cd72254f72b85391feaea64919%7C0%7C0%7C638362676241654821%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=JLrRSjdcxQj%2BworLS9dPV0gID8ErViPw9gIq4OHiqUo%3D&reserved=0"><em><strong>https://www.tuvsud.com/en-us/resource/certificate-finder/management-systems-certified-client-list</strong></em></a><em>,</em></p><p>Certificate #:<strong> 951235869</strong> & Customer Name: <strong>HERE Global B.V.</strong> </p><hr><p> </p><p><strong>ISO 45001:2018 - Occupational Health and Safety Management Systems</strong><img style="float:right;" src="https://here-legal-files-prod.s3.amazonaws.com/files/ISO14001_ISO45001+Approved+Logo.gif" alt="ISO/IEC 9001:2015" width="100" height="100"></p><p>ISO 45001:2018 is an internationally recognized standard that specifies requirements for an <strong>occupational health and safety (OH&S) management system</strong>. It provides a framework for organizations to manage risks and improve OH&S performance. The standard establishes criteria for an OH&S policy, objectives, planning, implementation, operation, auditing and review. Key elements include leadership commitment, worker participation, hazard identification and risk assessment, legal and regulatory compliance, emergency planning, incident investigation and continual improvement.</p><p><em>To verify the status of our certification, query the TÜV SÜD certificate directory located at: </em><a href="https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.tuvsud.com%2Fen-us%2Fresource%2Fcertificate-finder%2Fmanagement-systems-certified-client-list&data=05%7C01%7Cdavid.magnuson%40here.com%7C58ffcfccd6884364333808dbeb789697%7C6d4034cd72254f72b85391feaea64919%7C0%7C0%7C638362676241654821%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=JLrRSjdcxQj%2BworLS9dPV0gID8ErViPw9gIq4OHiqUo%3D&reserved=0"><em><strong>https://www.tuvsud.com/en-us/resource/certificate-finder/management-systems-certified-client-list</strong></em></a><em>,</em></p><p>Certificate #:<strong> 951235868</strong> & Customer Name: <strong>HERE Global B.V.</strong></p><hr><p> </p><p><strong>SOC 2 Type 2</strong><img style="float:right;" src="https://here-legal-files-prod.s3.amazonaws.com/files/image002.jpg" alt="SOC 2 Type 2" width="102" height="102"></p><p>The SOC 2 Type 2 is a report based on the Auditing Standards Board of the <a href="https://www.aicpa.org" target="_blank"><strong>American Institute of Certified Public Accountants</strong></a> (AICPA) existing Trust Services Criteria (TSC). The purpose of this report is to evaluate an organization’s information systems relevant to security, availability, processing integrity, confidentiality, and privacy.</p><p>HERE Technologies has achieved SOC 2 attestation for HERE Platform Foundation and Workspace. SOC 2 is a critical and rigorous audit that demonstrates to customers, prospective customers, and other interested parties that HERE has mature security and privacy capabilities.</p><hr><p> </p><p><strong>TISAX</strong><img style="float:right;" src="https://here-legal-files-prod.s3.amazonaws.com/files/image003.png" alt="TISAX Assessment" width="135" height="80"></p><p>HERE has completed the Trusted Information Security Assessment Exchange (TISAX) assessment with Very High Protection Needs (AL3) label with zero non-conformities for the control domains Information Handling and Data Protection. This standard provides the European automotive industry a consistent, standardized approach to information security systems. The Assessment was conducted by a TISAX audit provider (Schellman Compliance, LLC).</p><p>The results are available on the <a href="https://enx.com/en-US/TISAX/" target="_blank"><strong>ENX Portal</strong></a>. Scope ID: <strong>S0H13Y </strong>& Assessment ID: <strong>AMC977-1</strong>. </p><hr><p> </p><p><strong>CSA - Cloud Security Alliance</strong><img style="float:right;" src="https://here-legal-files-prod.s3.amazonaws.com/files/Schellman+CSA-STAR+Mark.png" alt width="150" height="61"></p><p><a href="https://cloudsecurityalliance.org/" target="_blank"><strong>Cloud Security Alliance</strong></a> (CSA) is a not-for-profit organization with a mission to “promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing.” </p><p>The Security Trust Assurance and Risk (STAR) Level 2 Certification is a rigorous third-party independent assessment of the security of a cloud service provider. The certification leverages the requirements of the ISO/IEC 27001:2013 management system standard together with the CSA Cloud Controls Matrix criteria. The STAR Level 2 certification with STAR validates for cloud customers the use of best practices and the security posture.</p><p>HERE completed the 3<sup>rd</sup> party audit to certify against CSA STAR Level 2 Third-Party Audit Level Certification. </p><p>View our<strong> </strong><a href="https://cloudsecurityalliance.org/star/registry/here-technologies" target="_blank"><strong>registry listing</strong></a>.</p><p>Learn more about the<strong> </strong><a href="https://cloudsecurityalliance.org/star/" target="_blank"><strong>Security Trust Assurance and Risk (STAR) Program</strong></a>. </p><hr><p> </p><p><strong>National Security Scheme (ENS)</strong><img style="float:right;" src="https://here-legal-files-prod.s3.amazonaws.com/files/ENS_2022-Feb-01.png" alt="National Security Scheme (ENS)" width="111" height="135"></p><p>A set of regulations that make it possible to create and maintain the necessary security conditions in the use of electronic media through measures that guarantee the security of systems, data, communications, and electronic services to facilitate the exercise of rights and fulfillment of duties through these media.</p><p>HERE has submitted Declaration of Conformity in the <a href="https://www.ccn-cert.cni.es/series-ccn-stic/800-guia-esquema-nacional-de-seguridad/1279-ccn-stic-809-declaracion-de-conformidad-con-el-ens/file.html" target="_blank"><strong>BASIC Category</strong></a>.</p><p>Learn more about <a href="https://ens.ccn.cni.es/es/que-es-el-ens" target="_blank"><strong>ENS</strong></a>.</p><hr><p> </p><p><strong>General Data Protection Regulation (GDPR) EU 2016/679</strong><img style="float:right;margin-bottom:5px;margin-top:5px;" src="https://here-legal-files-prod.s3.amazonaws.com/files/GDPR_Logo.jpg" alt="GDPR Icon" width="130" height="87"></p><p>HERE’s Information Security and Privacy programs supporting the HERE Platform Product Lifecycle Management framework have adopted the essential elements of the <a href="https://gdpr.eu/" target="_blank"><strong>General Data Protection Regulation (GDPR)</strong></a>. Requirements described in Chapter II through Chapter – V of the GDPR have met the obligations of the GDPR Type 1 attestation performed by our external auditor.</p><p>Learn more about <a href="https://gdpr.eu/" target="_blank"><strong>GDPR</strong></a>.</p><hr><p> </p><p><strong>HITRUST (Health Information Trust Alliance)</strong><img style="float:right;margin-bottom:5px;margin-top:5px;" src="https://here-legal-files-prod.s3.amazonaws.com/files/HITRUST-Certified-r2+Logo.png" alt="HITRUST Icon" width="130" height="130"></p><p>HITRUST Risk-based, 2-year (r2) Certified status demonstrates that the organization’s <strong>Location Services – Indoor Map to support Indoor Positioning, Geocoding and Routing Services</strong> has met key regulations and industry-defined requirements and is appropriately managing risk. This achievement places HERE in an elite group of organizations worldwide that have earned this certification.</p><p>By including federal and state regulations, standards, and frameworks, and incorporating a risk-based approach, the HITRUST Assurance Program helps organizations address security and data protection challenges through a comprehensive and flexible framework of prescriptive and scalable security controls.</p><p>Learn more about <a href="https://hitrustalliance.net/" target="_blank"><strong>HITRUST</strong></a>.</p></div> </div> </article> </div> </div> </section> </main> <div class="sidebar_first sidebar col-md-2 order-1" id="sidebar_first"> <aside class="section"> <nav aria-labelledby="block-legal-bootstrap-mainmenu--2-menu" id="block-legal-bootstrap-mainmenu--2" class="block block-menu navigation menu--main"> <h2 class="visually-hidden" id="block-legal-bootstrap-mainmenu--2-menu">Sidebar menu</h2> <ul class="clearfix nav navbar-nav"> <li class="nav-item menu-item--collapsed"> <a href="/no-no/terms" class="nav-link nav-link--no-no-terms" data-drupal-link-system-path="node/603">Terms</a> </li> <li class="nav-item menu-item--collapsed"> <a href="/no-no/privacy" class="nav-link nav-link--no-no-privacy" data-drupal-link-system-path="node/6">Privacy</a> </li> <li class="nav-item menu-item--collapsed"> <a href="/no-no/security" class="nav-link nav-link--no-no-security" data-drupal-link-system-path="node/16">Security</a> </li> <li class="nav-item active"> <a href="/no-no/certifications-and-attestations" class="nav-link active nav-link--no-no-certifications-and-attestations is-active" data-drupal-link-system-path="node/541" aria-current="page">Certifications and Attestations</a> </li> </ul> </nav> </aside> </div> </div> </div> </div> <footer class="site-footer"> <div class="container-lg"> <div class="site-footer__top clearfix"> <section class="region region-footer-first"> <div id="block-legal-bootstrap-customjs" class="block-content-basic block block-block-content block-block-contentc2037103-3146-4607-85dc-b6d46eb456b0 mb-3"> <div class="content"> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><script>let effectiveDate = document.querySelector('.field--name-field-effective-date') effectiveDate.style.display= "None"; </script></div> </div> </div> <nav aria-labelledby="block-legal-bootstrap-footer-menu" id="block-legal-bootstrap-footer" class="block block-menu navigation menu--menu-footer"> <h2 class="visually-hidden" id="block-legal-bootstrap-footer-menu">Footer</h2> <ul class="clearfix nav"> <li class="nav-item"> <a href="/no-no/terms/here-end-user-terms" title="" class="nav-link nav-link--no-no-terms-here-end-user-terms" data-drupal-link-system-path="node/599">Terms of Use</a> </li> <li class="nav-item"> <a href="/no-no/privacy" title="" class="nav-link nav-link--no-no-privacy" data-drupal-link-system-path="node/6">Privacy Policy</a> </li> <li class="nav-item"> <a href="/no-no/privacy/cookie-policy" title="" class="nav-link nav-link--no-no-privacy-cookie-policy" data-drupal-link-system-path="node/86">Cookie Policy</a> </li> <li class="nav-item"> <a href="/no-no/terms/imprint-impressum" class="nav-link nav-link--no-no-terms-imprint-impressum" data-drupal-link-system-path="node/31">© 2025 HERE</a> </li> </ul> </nav> </section> </div> </div> </footer> </div> </div> </div> <script type="application/json" data-drupal-selector="drupal-settings-json">{"path":{"baseUrl":"\/","pathPrefix":"no-no\/","currentPath":"node\/541","currentPathIsAdmin":false,"isFront":false,"currentLanguage":"no-no"},"pluralDelimiter":"\u0003","suppressDeprecationErrors":true,"ajaxTrustedUrl":{"\/no-no\/search\/result":true},"user":{"uid":0,"permissionsHash":"13e1b3f7af17b04d58445834d5b9ada05c82da32f41774683d7d39dcebbd932e"}}</script> <script src="/themes/custom/legal_bootstrap/js/popper.min.js?v=10.3.1"></script> <script src="/themes/custom/legal_bootstrap/js/bootstrap.min.js?v=10.3.1"></script> <script src="/core/assets/vendor/jquery/jquery.min.js?v=3.7.1"></script> <script src="/core/assets/vendor/once/once.min.js?v=1.0.1"></script> <script src="/core/misc/drupalSettingsLoader.js?v=10.3.1"></script> <script src="/core/misc/drupal.js?v=10.3.1"></script> <script src="/core/misc/drupal.init.js?v=10.3.1"></script> <script src="/themes/custom/legal_bootstrap/js/bssk.js?v=10.3.1"></script> <script src="/themes/custom/legal_bootstrap/js/jquery-ui.js?v=10.3.1"></script> <script src="/themes/custom/legal_bootstrap/js/jquery.tocify.js?v=10.3.1"></script> <script src="/themes/custom/legal_bootstrap/js/custom.js?v=10.3.1"></script> <script src="/core/misc/debounce.js?v=10.3.1"></script> <script src="/core/misc/form.js?v=10.3.1"></script> </body> </html>