Security & Compliance
Your data security is our top priority. We implement industry-leading security measures and maintain compliance with global data protection standards.
Audited security controls for service organizations
Full compliance with EU data protection regulations
Compliance with California consumer privacy laws
Information security management standards (In Progress)
How We Protect Your Data
Multiple layers of security ensure your data is protected at every level.
End-to-End Encryption
256-bit SSL/TLS encryption for data in transit and AES-256 encryption for data at rest.
Secure Infrastructure
Hosted on SOC 2 compliant cloud infrastructure with multiple redundancy layers.
Access Controls
Role-based access control, SSO/SAML support, and mandatory 2FA for all accounts.
Continuous Monitoring
24/7 security monitoring, intrusion detection, and automated threat response.
Data Handling & Storage
Where is data stored?
Your data is stored in secure, SOC 2 compliant data centers. We offer regional data residency options for EU customers.
How long is data retained?
We retain data for the duration of your subscription. Upon account deletion, data is permanently removed within 30 days.
Who has access to data?
Access is strictly limited to authorized personnel who require it for support or operational purposes. All access is logged and audited.
Is data shared with third parties?
We never sell your data. We only share data with service providers necessary to operate the platform, all bound by strict data protection agreements.
Security Best Practices
- Regular third-party penetration testing
- Vulnerability scanning and patch management
- Employee security training and background checks
- Incident response and disaster recovery plans
- Data backup with geographic redundancy
- Audit logging and activity monitoring
- Vendor security assessments
- Secure software development lifecycle (SDLC)
Compliance & Certifications
SOC 2 Type II
We have completed SOC 2 Type II certification, demonstrating our commitment to security, availability, and confidentiality. This certification verifies that our security controls are designed and operating effectively.
GDPR Compliance
We are fully compliant with the General Data Protection Regulation (GDPR). This includes data subject rights, lawful basis for processing, data protection impact assessments, and Data Processing Agreements (DPAs) for customers.
CCPA Compliance
We comply with the California Consumer Privacy Act (CCPA), ensuring California residents can exercise their rights to know, delete, and opt out of the sale of their personal information.
Questions About Security?
Our security team is available to answer your questions and provide additional documentation.