Skip to main content


Q&A with Piceasoft ICT & Security Director Marko Stålhammar about our ISO 27001 certificate

Piceasoft is known as a company that takes information security and data privacy seriously. Piceasoft operates with demanding B2B customers globally who run business-critical operations. Disruptions are not acceptable.

We interviewed Piceasoft ICT & Security Director Marko Stålhammar to learn more about the company’s approach to business security.

Piceasoft ICT & Security Director Marko Stålhammar

Q: Why are information security and data privacy so important?

The general target for information security is to protect the confidentiality, availability, and integrity of sensitive information.

Whether information is about the company, our employees, or customers, it is the most important asset; therefore, protecting this information is critical.

Q: How are security and data privacy seen at Piceasoft?

At Piceasoft, we think that you cannot be too careful when it comes to data privacy. Firstly, any incident could lead to trust issues with our customers, and secondly, we respect and follow GDPR regulations.

ISO 27001 certification, along with GDRP compliance, is an advantage for a European company, like Piceasoft, compared to a non-European company. GDPR sets the bar high for handling personal information and data privacy. In addition to the GDPR, we comply with Finland’s strict privacy laws and regulations.

We have taken several steps to ensure data security actions are put in place and that we have effective policies, processes, and responsibilities defined to manage and minimize potential risks.

Q: Can you tell a bit more about these actions?

Piceasoft has a set of rules and policies on information security and privacy. These are constantly kept up-to-date and communicated to all of Piceasoft’s employees. We regularly arrange security knowledge and awareness training and internally communicate relevant topics using newsletters, videos, or short information-sharing sessions.

As a recognition for the work done in this area, we are certified to comply with the ISO/IEC 27001 standard. Annual follow-up audits ensure we continuously improve our information security and data protection practices. This internationally recognized certification demonstrates that we have taken the necessary steps in our information security to protect our business. This standard also serves as a solid ground for other similar standards. Our customers can be assured that we follow the highest security standards and legislation wherever we operate.

While this requires ongoing work, and we constantly need to review and optimize our information security management system to ensure our maturity, I’m proud of our achievements. It is great to be among the highly valued group of ISO-certified companies.

To learn more visit:

About Piceasoft Ltd

Located in Tampere, Finland, and founded in 2012, Piceasoft creates new business opportunities within the mobile device circular economy. Our ever-expanding platform and ecosystem powers companies at all levels to offer mobile device trade-in, support, repair, and recycling services. Working with customers and partners in over 70 countries, our platform provides a single solution for businesses to introduce new services and revenue streams while reducing e-waste and promoting sustainability.