Security

Security at Teads: An Overview

Security by design is at the heart of everything we do, allowing us to safeguard our Advertisers, Publishers, and users. For transparency and openess, we have documented an overview of our continued dedication to implementing the latest security best practices and technologies.

Certifications & Compliance

Teads SOC2 & CSA CAIQ Compliance
logo self assessment

SOC2

Teads is SOC 2 Type II compliant. To request a copy of our report and other audits please complete the form below to receive our reports.

SOC2 request form

Operations & Monitoring

Software

Cloud services are continuously monitored by our in-house Security Operations Centre. Our CI/CD pipeline allows us to seamlessly improve our product offerings while undergoing rigorous testing.

Vulnerability Management

Assets are scanned continuously for vulnerabilities and are remediated according to industry standard SLAs according to severity.

Vulnerability Disclosure

Teads has partnered with YesWeHack to operate our bug bounty program. We only review reports submitted through the platform. To be added to our program please send your username to security@teads.com. We will then give you access to see our scope and qualifying vulnerabilities.

Cloud Native

google cloud logo

Infrastructure

Our services are delivered on our cloud-native infrastructure, hosted on AWS and GCP. Both of these hold relevant security certifications for the protection of data and are available upon request from the providers.
Service availability and continuity is guaranteed by load-balancing across multiple availability zones per region. Data is backed up every 24 hours at minimum.

Platform and network security

Access to the Teads Platform is encrypted using TLS 1.2. SSO is available upon request, please speak to your account manager.
Cloud systems are placed behind a WAF, a strict ACL is implemented to prevent access from unauthorized networks.

Data

logo LGPD

Privacy

Teads applications are multi-tenant apps. Data is separated through logical and functional controls. AWS data is regionalised, the EU is the default region and there is no communication between the regions.
First party analytics data is stored on Google Cloud Platform (GCP) in the USA. Data transfer for this is covered by the EU Model Clause, and analyzed IPs are hashed (if applicable). With respect to various regional data regulations, we comply with:

  • GDPR
  • CPRA
  • LGPD
For more information on how Teads strives to deliver more user control, please see our self-regulation commitments.

Protection

Data is encrypted both at rest and in transit, with deletion occurring automatically as part of a complete data lifecycle. For information regarding data collection and user rights, please see our Privacy Policy.