logo|
Trust Center

Our Trust Center offers a centralized resource for understanding how we protect your data and uphold the integrity of our platform. It provides in-depth information about our security architecture, data encryption methods, access controls, and continuous monitoring systems. You'll also find details on our compliance with industry standards and regulations such as GDPR, CPCA, and ISO 27001.

Our Trust Center offers a centralized resource for understanding how we protect your data and uphold the integrity of our platform....

Controls

All Controls

Status

  • Data Encryption

    All customer data is encrypted at rest and in transit.

    Product Security

  • Access Controls

    Role-based access control with least-privilege principle.

    Product Security

  • Vulnerability Scanning

    Regular automated scanning of all production systems.

    Product Security

  • Secure SDLC

    Security requirements baked into every phase of the development lifecycle.

    Product Security

  • Code Reviews

    Mandatory peer and automated security code reviews for all changes.

    Product Security

  • Employee Training

    Annual security awareness training (phishing, social engineering, etc.).

    Internal Security

  • Device Management

    Mobile Device Management (MDM) enforced on all company-issued devices.

    Internal Security

  • Background Checks

    Comprehensive pre-employment screening for all staff.

    Internal Security

  • Multi-Factor Authentication

    Required for access to all critical internal systems.

    Internal Security

  • Logging & Monitoring

    Centralized log aggregation with real-time alerting on suspicious activity.

    Internal Security

  • Patch Management

    Formal monthly OS and application patching cadence.

    Internal Security

  • GDPR Compliance

    Data-Processing Agreements, data subject rights process, and breach notification.

    Compliance

  • HIPAA-Ready

    Technical, administrative, and physical safeguards per HIPAA rules.

    Compliance

  • ISO 27001 Certification

    Maintained ISO/IEC 27001:2013 Information Security Management System.

    Compliance

  • CCPA/CPRA Compliance

    Consumer privacy rights, opt-out processing, and transparency notices.

    Compliance

  • Incident Response

    Documented IR plan, tabletop exercises and annual full-scale tests.

    Operational & Governance

  • Business Continuity & Disaster Recovery

    BCP/DR plans with quarterly recovery-drills and RTO/RPO targets.

    Operational & Governance

  • Change Management

    Formal change-approval board, scheduled maintenance windows, audit logging.

    Operational & Governance

  • Data Loss Prevention (DLP)

    Automated discovery and blocking of unauthorized data transfers.

    Operational & Governance

  • Physical Security

    Badge access controls, CCTV monitoring, and visitor management at all offices.

    Operational & Governance

  • Third-Party Risk Management

    Annual security assessments and contractual controls for all vendors.

    Operational & Governance