Security Resources Hub

We demonstrate our commitment to security by applying industry standards and regulation across all of our processes and products.

SOC2 Type II

Integrate.io is certified as SOC 2 compliant. Integrate.io has an annual penetration test performed by a 3rd party security firm leveraging the latest security penetration testing tools and methodologies. We work diligently to ensure that these strict security and privacy standards are continuously maintained. Reports are shared with customers upon request.
HIPAA

Integrate.io adheres to the Business Associate’s standards and complies with HIPAA in protecting personal health information (PHI). Please contact your Integrate.io representative if you need a Business Associate Agreement (BAA) signed.
GDPR

Integrate.io complies with EU General Data Protection Regulation (GDPR) as a secure and reliable data processor. The Integrate.io Terms of Use include an updated Data Processing Addendum (DPA) to support customers’ GDPR compliance needs.
CCPA

Privacy rights and consumer protections are at the forefront of Integrate.io’s considerations. We, as a data processor, comply with the California Consumer Privacy Act (CCPA). Please reach out if you need a CCPA addendum from your representative.

We demonstrate our commitment to security by applying industry standards and regulation across all of our processes and products.

We demonstrate our commitment to security by applying industry standards and regulation across all of our processes and products.

ISO:27001 and SOC 2 Certified Data centers in N. Virginia, Oregon, Frankfurt, Dublin, Tokyo & Sydney
Shared Responsibility Model using prominent 3rd party vendors (AWS & Heroku)
Environments for Enterprise customers in their region of choice

Annual security awareness; HIPAA, GDPR, work from Home, and phishing training
Background checks on all employees prior to access
RBAC and principle of least privilege enforced across teams
Annual penetration tests and business risk reviews
Semi-annual vendor security review
Minimum data collection limited to lawful basis required to provide services
Customer cluster & customer data deleted after job processing, logs deleted after 30 days
Adherence to GDPR requirements and data subject rights.
Regular security log review
Continuous Integration/Continuous Deployment through CodeShip, GitHub and SAST tools
Customer data encrypted in transit and at rest
Regular data backups; ability to preserve for forensic purposes if required

Mark Smallcombe

Chief Technology Officer

CISSP™, CCSP™, Masters of Cybersecurity (in progress)
Jonathan Siegel

Board Chairman

CISSP™, CREST CPSA/CRT™, Masters of Cybersecurity

We’re here, whenever you need a helping hand.

CISSP and cybersecurity certified team to power your data security strategy and implementation.

Cyber Insurance by HISCOX ClearTech
PCI DSS Compliant Payment Processing

Integrate.io is Level 4 Integrate.io’s

Integrate.io’s Payment Processor is Level 1
SOC 2 Compliant