Monitoring
Compliance
We adhere to the highest standards of security
SOC 2 Type 2
Service Organization Controls (SOC 2) (Type II) trust services principles
ISO 27001
ISO/IEC 27001:2022 information security, cybersecurity and privacy protection
GDPR
Protect the personal data and privacy of EU citizens for transactions that occur within EU member states
CCPA
California Consumer Privacy Act, is legislation designed to improve the data privacy of California residents
Resources
Get our latest security and compliance resources and reports
SOC 2 Type 2 report
Period July 1, 2023 to June 30, 2024
ISO 27001 certificate
ISO 27001:2022 certificate (February 6, 2024)
Pen Test Executive Summary
An executive summary of Secureframe's most recent penetration test
Data processing addendum
Agreement between Secureframe and data processors
Additional subprocessor background
More information on our subprocessors and policies
Privacy policy
More background on the data we collect and how it is used
Terms of service
Secureframe's terms for end users
Subprocessors
AWS
Cloud Hosting Services
Catamorphic Co. (Launch Darkly)
Feature Flag Management
Fivetran
Data Pipeline ETL
Functional Software, Inc. (Sentry)
Error tracking
OneSchema
Data Import Structuring
OpenAI
AI platform and large language model capability.
Retool
Customer provisioning and administration
Sigma Computing
Data analytics and Visualization
Talend
Data pipeline ETL