GDPR
CCPA
PCI DSS
SOC 2 Type II
SOX
Continuously tracks system performance and integrity to ensure service continuity.
Uses firewalls and network segmentation to control and protect data traffic.
Implements advanced tools for real-time threat detection and response.
Regularly scans and addresses vulnerabilities to maintain system security.
Collects, centralizes and analyzes security logs for effective threat management.
A dedicated team to handle, investigate and solve security incidents.
External and internal penetration tests are conducted annually by third-party audit firms.
Annual training for all employees and additional role-specific training.
Regular assessments to identify and mitigate internal risks.
Dedicated environments for processing and storing PII and PCI data.
Protects data both when stored and during transmission.
Regular backups to ensure data recovery in case of loss.
Continuous monitoring of data access to prevent unauthorized use.
Adheres to standard data retention policies with customizable options.
Policies to govern, amongst others, data handling, storage, retention and access.
A dedicated officer to oversee privacy practices.
Training programs to ensure employees understand privacy requirements.
Mechanisms to answer data access requests, including but not limited to deletion and correction. See Privacy Policy.
Detailed records of data processing activities.
Global Privacy Compliance Program to ensure our compliance with GDPR, CCPA, and all other data privacy compliance regulations we may be subject to.
Encourages external researchers to find and report vulnerabilities through our HackerOne Program.
Utilizes static and dynamic analysis to identify security issues.
Manages and mitigates vulnerabilities in open source components.
Provides training to developers on secure coding practices.
Encrypts data on disks to protect against unauthorized access.
Monitors and responds to threats on endpoints.
Manages and secures mobile devices accessing our systems.
Evaluates device security status before granting access.
Requires MFA and Single Sign-On for sensitive applications.
Supports passwordless options to enhance security.
Grants the minimum level of access necessary for each user.
Adopts a zero trust model for secure network access.
Maintains logs and monitors access for security oversight.
Conducts reviews every quarter to ensure access controls remain effective.
California consumers have the right to opt out of the sale* of their personal information. For more information on how we securely process personal information, please see our Privacy Policy.
Do not sell my info
* The definition of "sale" under the California Consumer Privacy Act is applicable only to California consumers.
