Please see our security measures webpage for a detailed overview of our technical and organizational security measures as well as our Trust Report for real-time information on control performance and operational security.
We align our compliance program with leading information security standards, undergoing annual independent audits for SOC 1 and SOC 2 compliance. Please see our Trust Report to access a copy of our relevant audit report(s).
We design our products and services with data protection in mind and embrace relevant data privacy and data security laws and regulations, such as GDPR and CCPA. We implement safeguards and controls to help maintain the privacy and security of our customers’ data, including their employee data. For example, we encrypt customer data with AES-256, block-level encryption when stored and encrypt customer data via TLS when transmitted.
We are dedicated to improving the security of our products and services. We maintain a private, invite-only bug bounty program, with the assistance of HackerOne. Invited researchers may be eligible for payment. Non-invitees may still submit a security bug or vulnerability to CaptivateIQ via this form. If you have any feedback on things we could do better, we’d love to hear from you!