ISO 27001 Documentation
Our information security management system (ISMS) documentation aligned with ISO 27001 requirements.
About ISO 27001
ISO 27001 is the international standard for information security management. It provides a framework for establishing, implementing, maintaining, and continually improving an information security management system (ISMS).
The following documents describe how anonym.legal implements ISO 27001 controls to protect your data.
Policy
Our comprehensive information security policy framework
Access
How we control and manage access to systems and data
Incident
Procedures for responding to security incidents
Risk
Our approach to identifying and managing security risks
Soa
Which ISO 27001 controls apply to our organization
ISO 27001 FAQ
What is ISO 27001?
ISO 27001 is the international standard for information security management systems (ISMS). It provides a systematic approach to managing sensitive information through policies, procedures, and technical controls to ensure confidentiality, integrity, and availability.
Is anonym.legal ISO 27001 certified?
anonym.legal operates on ISO 27001-certified infrastructure (Hetzner Germany) and implements ISO 27001 controls throughout our platform. Our ISMS documentation includes security policies, access control, incident response, and risk assessment procedures.
What security controls does anonym.legal implement?
We implement controls across all ISO 27001 domains: access control (Zero-Knowledge auth, 2FA), cryptography (AES-256-GCM, TLS 1.2/1.3), physical security (German data centers), operations security (monitoring, logging), and communications security (encrypted transit).
How does anonym.legal handle security incidents?
Our incident response procedure includes 24/7 monitoring, automated alerting, defined escalation paths, forensic capture capabilities, and post-incident review. Critical incidents trigger immediate response with customer notification within regulatory timeframes.
Can I get a copy of anonym.legal's security documentation?
Yes. Our ISO 27001 documentation is publicly available on this page, including our security policy, access control procedures, incident response plan, and risk assessment methodology. For additional documentation or DPA requests, contact our security team.