Security

Our commitment to security.

Your data and privacy are important to us. We'll never sell your data and we'll always be transparent about how we handle your company's information. Our system was built with security in mind and we're constantly working to improve it.

Our software goes through regular penetration testing from firms that are located within North America. Additionally, we've hired a team that's experienced with security policies and procedures to ensure that we're always doing our best to keep your data safe.
  • Regular Penetration Testing The only way to ensure that our system is battle tested is through third-party penetration testing. Rest-assured that our first priority is handling P0 flagged by our penetration testers and reports.
  • Industry Set Security Policies You're only as good as the regular security practices you implement. Security is an ongoing battle and we've deployed the best security standards you know for incident response, backups policies, disaster recovery, and more.
  • Transparency Our security isn't only about our practices but how we're handling your data and where your data goes. We'll never sell or share your data without your consent.

We're always working to continuously improve our security practices. If you'd like more insight, have suggestions for improvements, identified a potential threat, or would like to report a security issue as a whitehat, please send us a message at our help form. We take these issues seriously and will respond promptly.

Our Security Infrastructure

We host our data with DigitalOcean which has SOC 2 Type II Reports and Data Center Certifications available. We store our data behind CloudFlare which provides a layer of security to our platform. You can check out their Security Portfolio here. All of our data is hosted in the US and EU.

Data Privacy

“We’re all going to have to change how we think about data protection.”
Elizabeth Denham – Former UK Information Commissioner

In terms, of data privacy we follow guidelines from California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR). Your data is always anonymous when in the context of analytics, business intelligence, and third-party vendors. This applies to both your company and personal information that pertains to your teammates.

Want to learn more?

We have a thorough catalogue of policies that are not publicly available. This ensures that our team is following the best practices and owners of particular security functions are well defined.

We have many security policies that we're happy to share with you including: incident response, data retention, disaster recovery, backups, device management, and more. We provide these to nearly all enterprise customers. If you're interested in learning more or you require these documents, please reach out to us through our contact page.