Compliance
ISO/IEC (Type||)
Report available upon request
ISO/IEC (Type||)
Report available upon request
Request access to receive reports and supporting evidence under standard confidentiality terms.
Controls
Data Governance
Data Goverance
- Secure SDLC policy defined
- Change management controls defined
- Incident management process defined
- Business continuity and disaster recovery plan maintained
Program governance
- Security program policy maintained
- Security & privacy training program maintained
- Third-party processor oversight defined
Product & engineering
- Secure SDLC policy defined
- Change management controls defined
- Incident management process defined
Internal procedures
- BYOD approved software controls defined
- Third-party processor management policy maintained
- Security documentation and evidence pack available upon request
- Business continuity and disaster recovery plan maintained
Request Controls Evidence
Resources
Data collected
Customer business personally identifiable information (PII)
Collected
Credit card information
Not collected
Personal health information (PHI)
Not collected
List of SubProcessors
A list of trusted third-party subprocessors we use, along with information about their services and data protection responsibilities.