Contact us

Thank you for contacting us!

Your submission has been received and we'll be in contact with you shortly.

Return home
Oops! Something went wrong while submitting the form.


Last updated: May 30, 2024

Organizational Security

Information Security Program
Our Information Security Program, aligned with the SOC 2 Framework, is communicated throughout the organization. It defines clear roles and responsibilities for protecting customer data.

Third-Party Audits and Penetration Testing
We undergo independent third-party assessments and annual penetration tests to validate our security and compliance controls.

Security Awareness Training
All team members undergo security awareness training covering industry-standard practices and information security topics, such as phishing and password management.

Confidentiality and Background Checks
Team members sign a confidentiality agreement and undergo background checks in accordance with local laws.

Cloud Security

Cloud Infrastructure and Data Hosting
Our services are hosted with AWS, which maintain robust security programs. For more information on our provider’s security processes, please visit AWS Security. Data is hosted in the United States, encrypted at rest and in transit using TLS/SSL.

Vulnerability Scanning and Monitoring
We undergo independent third-party assessments and annual penetration tests to validate our security and compliance controls.

Business Continuity and Disaster Recovery
We use our data hosting provider’s backup services to reduce any risk of data loss in the event of a hardware failure. We utilize monitoring services to alert the team in the event of any failures affecting users.

Incident Response
We have a process for handling information security events which includes escalation procedures, rapid mitigation and communication.

Access Security

Permissions and Authentication
Access to our cloud infrastructure is limited to authorized employees. We implement Single Sign-on (SSO), 2-factor authentication (2FA), and strong password policies.

Least Privilege Access Control and Quarterly Reviews
We follow the principle of least privilege for identity and access management and conduct quarterly access reviews.

Vendor and Risk Management

Annual Risk Assessments
We undergo at least annual risk assessments to identify any potential threats, including considerations for fraud.

Vendor Risk Management
Vendor risk is determined and the appropriate vendor reviews are performed prior to authorizing a new vendor.

Contact Us

If you have any questions, comments or concerns or if you wish to report a potential security issue, please contact