Security and Trust at SwiftComply
At SwiftComply, we place the highest importance on data security. We are proud to have earned SOC 2 Type II certification and have undergone rigorous security processes to ensure the utmost protection of your data. When moving to SwiftComply we offer personalized support to ensure a seamless experience. And if you ever have any questions about our security, we’re always here to chat and put your mind at ease
Our products are designed with multiple layers of technical and operational controls to ensure your data is always protected. We have implemented a comprehensive information security management system that includes policies and procedures related to network security, data security, access control, incident response, backups, change management, risk management, vulnerability and patch management, and vendor risk management. You can trust SwiftComply to keep your data safe and secure.
We’re SOC 2 Type 2 Security Compliance Certified
Since October 2021, we have held SOC 2 Type 2 certification for our third generation of software, one of the highest accolades for SaaS companies in cybersecurity. This certification assures you that our strict security and data privacy controls are in place to protect your data and earn your trust.
Access our security documents
Get in touch to request SwiftComply's detailed security documents.
Our Security Commitment to You
Frequently Asked Questions
You retain complete ownership rights over your data. Rest assured, we will only utilize your data to provide the services outlined in your service agreement.
We store and process all data on the secure Google Cloud Platform (GCP). GCP ensures reliable and robust infrastructure, offering a trustworthy environment for your data.
Our daily database backups are retained for a period of seven days. The management of these backups is handled by the Google Cloud Platform.
We provide a self-serve platform that grants your application admin complete control over deleting or archiving customer data. Additionally, our support team is available to assist with any specific requests you may have.
Yes. During transit, your data is encrypted using HTTP over TLS, which ensures a secure connection. When at rest, your data is protected by GCP encryption keys. GCP services tightly control the physical security of our infrastructure.
Absolutely! Our team conducts regular security tests, including vulnerability audits and penetration tests. We leverage third-party tools like OWASP ZAP to perform comprehensive security assessments. These tests are carried out weekly to ensure the ongoing strength of our security measures.
Yes, we have a well-defined incident response program in place. This program establishes clear processes for effectively managing information security incidents and events. Rest assured; our team is prepared to handle any security incidents promptly and efficiently.