Trust Center

Welcome to Digital Turbine's Trust Center.

As the world’s leading Independent Mobile App Growth & Monetization Platform, our commitment to security, privacy, and compliance is at the core of our business. This page provides information on how we protect your data and ensure the integrity of our products and services. At Digital Turbine, we are dedicated to earning and maintaining your trust.

Click the button below for any questions or concerns about our security, privacy, or compliance practices.

Contact us

Corporate Information Security

At Digital Turbine, we prioritize the security of our corporate infrastructure and assets. Our comprehensive Information Security Management program is designed to protect against internal and external threats. Key elements of our Information Security Management program include:
  • Access Control: We enforce strict access controls and regularly review permissions to ensure that only authorized personnel have access to sensitive information.
  • Advanced Threat Protection: We utilize state-of-the-art technologies to prevent, detect, and respond to cyber threats. Our security team continuously monitors our systems for unusual activity and potential vulnerabilities.
  • Incident Response and Recovery: Our dedicated incident response team is prepared to act swiftly in the event of a security incident, with detailed protocols for investigation, mitigation, and recovery.
  • Employee Training and Awareness: All employees undergo rigorous training in cybersecurity best practices, ensuring they understand their role in maintaining a secure environment.
Digital Turbine maintains the following Information Security policies:
  • Acceptable Use Policy: Defines appropriate and acceptable use of DT assets
  • Change Management Policy: Provides Change Management requirements
  • Computer Security Incident Response Plan: Provides breach response checklists
  • Data Classification Policy: Provides data classification guidelines and instructions
  • Data Encryption Policy: Details guidelines on encrypting DT data
  • End User Systems - Security Policy and Authorized Software: Lists workstation security and authorized software
  • High-Level Information Security Policy: Provides high-level statements of all Information Security Policies
  • Identity and Access Management Policy: Defines authentication, password, and authorization requirements
  • ISC Governance Document Management Policy & Procedures: Outlines requirements and guidance related to ISC policy documents
  • Network Security Policy:  Covers wireless access security
  • Physical Access Control: Provides information on key card access requirements
  • Risk Management Policy: Guides the Risk Management Program
  • Security Awareness Training Policy: Provides Information Security Training requirements
  • Security Incident Response Policy: Provides guidance on the Incident Response Plan
  • Third Party Security Management Policy: Details SOC reviews and onboarding policies
  • Vulnerability Management Policy: Guides the Vulnerability Management Program

Product Security

Digital Turbine is committed to delivering secure and reliable products. Our approach to product security includes:
  • Secure Development Lifecycle (SDLC): Security is integrated into every stage of our product development process, from design to deployment. We conduct regular code reviews and security testing to identify and mitigate potential vulnerabilities.
  • Encryption: We employ robust encryption methods to protect data in transit and at rest, ensuring that sensitive information is secure from unauthorized access.
  • Regular Security Assessments: We conduct regular security assessments, including penetration testing and vulnerability scanning, to identify and address potential security issues.
  • Third-Party Integrations: We carefully evaluate and monitor third-party integrations to ensure they meet our stringent security standards.
Click the links below to preview the product security profiles, and to request an account for accessing and downloading product security profile artifacts, including:
  • SOC reports
  • Vulnerability & Penetration testing reports
  • Industry Standard Security questionnaires (e.g., VSA and CAIQ)
Note: Access to detailed product security profile artifacts is subject to approval of your account request and is subject to acceptance of the terms of Digital Turbine's Non-Disclosure Agreement.
For more specific product security requirements, get in touch with your Digital Turbine account representative for further assistance.

Data Privacy

Protecting your privacy is fundamental to our operations. We adhere to global privacy standards and regulations to ensure your data is handled with the utmost care. Our privacy practices include:
  • Data Collection and Usage: We are transparent about the data we collect and how it is used. Our privacy policy provides detailed information on the types of data we collect, the purposes for which it is used, and your rights as a data subject or a consumer.
  • Data Minimization: We prioritize data minimization by collecting, processing, and retaining only the personal data necessary for legitimate business purposes. This reduces unnecessary data exposure and aligns with our compliance obligations under global privacy laws and regulations.
  • Privacy by Design: We incorporate privacy by design principles into our product development processes, ensuring that data protection is a core consideration at every stage. This approach enables us to safeguard personal data from conception to implementation.
  • Contractual Assurances: We uphold strong privacy standards by embedding robust data protection clauses in our contracts. These include commitments to implement technical and organizational measures that safeguard personal data, ensuring our customers and partners can rely on us to maintain compliance with global privacy laws and regulations.
  • Privacy Training: We conduct annual training for our employees to promote the responsible and secure handling of personal data. These training programs empower our employees with a clear understanding of their responsibilities regarding the appropriate use of personal data and ensure compliance with Digital Turbine's policies.

Compliance

Digital Turbine’s practices align with regulatory requirements and industry standards to help protect our data's confidentiality, integrity, and availability and promote the reduction of business and technology risk.

We are committed to maintaining compliance with global laws, regulations, and industry standards. Our compliance framework includes:
  • Regulatory Compliance: We adhere to all relevant regulations, including SOX, GDPR, CCPA, and other data protection laws, ensuring the highest standards of data privacy and security.
  • Certifications and Audits: Our systems and processes are regularly audited by independent third parties to verify compliance with regulations and industry standards. We maintain certifications such as SOC 2, which demonstrates our commitment to information security management.
  • Internal Controls: We implement robust internal controls to prevent fraud, ensure accurate financial reporting, and maintain compliance with legal and regulatory requirements
  • Ethical Standards: We uphold the highest ethical standards in all our business practices, fostering a culture of integrity and transparency.
Refer to the Product Security section for a preview of and access to detailed, product-specific compliance reports, attestations, and self-assessments for industry-standard security questionnaires. For more specific product security requirements, please contact your Digital Turbine representative.