behaviour-lab_logo

How Behaviour Lab achieved ISO 27001 and GDPR compliance with DataGuard

“DataGuard helped us vet our policies and procedures and in the future with its platform will help us manage and keep our policies up to date.”

behaviourlab_calin_coman-enescu

Calin Coman-Enescu

Head of Operations

Behaviour Lab

Behaviour Lab works with asset managers, private equity firms, insurance companies and executive boards, helping them improve how they make investments by reducing biases’ negative effect have on performance. They use analytics and behavioural science to examine the impact on performance and how to limit these effects.

Location

UK

Company size

Small & medium business

Industry

Profesional services - Finance

Product

Security

The goal: Behaviour Lab's highly sensitive data made information security a priority

Behaviour Lab works hands-on with very sensitive data like trading data, investment theses and emotional data. They collect investment decision data over several years, run that through their algorithm and derive behavioral nudges for customers, such as: ‘Your strengths lie in buy selection and weighting, but you leave money on the table when deciding when to sell, impacting your fund negatively by X%’. Their algorithms and the client data they process pose a massive information security risk due to the highly confidential nature of both the inputs and outputs of their software platform. So, they wanted to work towards ISO 27001 and GDPR compliance proactively. They set very clear goals:

Get ISO 27001 certified
Define Privacy controls for GDPR compliance
Train their employees on Information Security & Privacy

Choosing DataGuard

DataGuard checked the right boxes: In-house experts, technology and European operations

ISO 27001 and GDPR compliance was high on the agenda of Behaviour Lab. They had to ensure that their information security controls were tightened and all data privacy measures in place.

“I like the DataGuard Academy the most. Trainings are very useful as they have helped everyone in the company become more conscious of information security” said Calin Coman-Enescu, Head of Operations at Behaviour Lab.

They started preparing for ISO 27001 on their own, but soon realized they didn’t have the necessary knowledge and expertise in-house. They were not sure if what they did was good enough, leading to uncertainty of passing the ISO 27001 audit.

Behaviour Lab started looking for external support, evaluating some UK-based consultancies. DataGuard checked the right boxes – DataGuard's operations in the EU meant that the in-house experts had extensive knowledge and expertise on the UK and EU regulations. The Privacy, ISO and SOC2 roadmap looked promising, so Behaviour Lab felt confident that they were in safe hands.

“The Policy Generator feature of the platform looks promising as it will reduce manual effort massively on our end. I’m not stressed about the upcoming changes in ISO Standards because I won’t need to manually rework our policies” added Coman-Enescu of Behaviour Lab.

ISO 27001 and GDPR TO FUEL BEHAVIOUR LAB’S SALES PIPELINE AND IMPROVE EMPLOYEE AWARENESS

Post ISO 27001, Behaviour Lab have noted a meaningful reduction in the number of even minor security incidents versus its already very strict internal policies. What’s more, employees have become more proactive in reporting even minor incidents. Behaviour Lab doubled their headcount during this time.

Thanks to ISO 27001 and continuous GDPR compliance, they have standardized their processes. Despite significant growth, everything has stayed the same instead of getting disorganized.

Looking to the future - SOC 2 with DataGuard

Having started with ISO 27001 certification and GDPR compliance, Behaviour Lab is now piloting SOC2 certification with DataGuard.

Managing Privacy and Information Security in one place via DataGuard has already simplified project management, task completion, and stakeholder collaboration. In the future, the platform will bring in more efficiency by digitizing and speeding up manual tasks. Meanwhile, DataGuard’s experts are at hand to provide advice and guidance throughout Behaviour Lab’s journey.

How can we help?Contact us.

DataPrivacyManagement_Leader_Leader

DataPrivacyManagement_MomentumLeader_Leader

DataPrivacyManagement_Leader_EMEA_Leader

DataPrivacyManagement_Leader_Europe_Leader

ConsentManagementPlatform(CMP)_EasiestSetup_EaseOfSetup

English

🏢 Organization Schema Preview (Development Only)

{
  "@context": "https://schema.org",
  "@graph": [
    {
      "@type": "Organization",
      "@id": "www.dataguard.com#organization",
      "name": "DataGuard",
      "legalName": "DataCo GmbH",
      "description": "DataGuard, the European leader in security and compliance software, is trusted by more than 4,000 organizations across 50+ countries. We help you identify and manage your security and compliance risks and fast-track your certifications and compliance by combining expert consultancy with AI-powered automation. Our purpose-built, all-in-one platform is developed with the experience of over 1.5 million total hours by a team of certified security and compliance experts.",
      "foundingDate": "2018",
      "taxID": "DE315880213",
      "logo": "https://7759810.fs1.hubspotusercontent-na1.net/hubfs/7759810/DataGuardLogo.svg",
      "url": "www.dataguard.com",
      "email": "info@dataguard.de",
      "telephone": "+49 89 452459 900",
      "address": {
        "@type": "PostalAddress",
        "streetAddress": "Sandstrasse 33",
        "addressLocality": "Munich",
        "addressRegion": "Bavaria",
        "postalCode": "80335",
        "addressCountry": "Germany"
      },
      "sameAs": [
        "https://www.linkedin.com/company/dataguard1/",
        "https://www.youtube.com/channel/UCEQzPZ6sCBCj9cAoBvaLL6w",
        "https://x.com/i/flow/login?redirect_after_login=%2FDataGuard_dg"
      ]
    }
  ]
}

✅ Organization schema markup for "DataGuard" has been injected into the document head.