Security and Compliance

Peace Of Mind

Our Security and Data Privacy Framework

Delivering stellar experiences isn’t possible without data. Here’s a snapshot of how we make sure your data is secured and protected.

Certifications, Standards, and Regulations

Joveo maintains the necessary industry-standard certifications and compliances. Our goal is to ensure the highest level of data security and privacy for our employees, customers, and partners.

Certifications

SOC 2 Type 2: This is an independent assessment of our internal control environment, which reports on our controls system and its suitability with respect to protecting customer data. The SOC 2 Type 2 report is based on the American Institute of Certified Public Accountants’s (AICPA) Trust Services Criteria and is issued annually.

ISO 27001: This internationally recognized standards-based approach to security demonstrates our commitment to security. Joveo has been continually ISO 27001-certified since August 03, 2023.

Adherence to Standards

GDPR: Joveo’s products are in full compliance with General Data Protection Regulation (GDPR), a European Union regulation on information privacy in the European Union and the European Economic Area.

CCPA: We are compliant with the California Consumer Privacy Act (CCPA), intended to enhance privacy rights and the protection of Personal Information and extend the same level of protection to all those in the US.

Data security is as important to us as it is to you. If you would like to view our security and compliance certifications, please let us know and we’ll be in touch shortly.

Processes:

We ensure adequate control over all data we process, based on adherence to multiple international standards. This includes mechanisms such as encryption at rest and in transit, access control, data retention, anonymization, etc. We also maintain a record of processing activities (ROPA) for all data stored in our system.

Training:

Our teams are trained to understand all vital aspects of security, including auditing, vulnerability tracking and resolution, secure coding practices, and data security, among others.

Monitoring:

Monitoring tools assist our team in identifying and addressing sensitive events, 24/7/365. Among others, we use AWS GuardDuty, ZAP, Prowler, and kube-bench.

Auditing:

We regularly conduct internal and third-party audits to ensure that our security policy and procedures are maintained and updated, as required.

Penetration Testing:

We conduct penetration testing on an annual basis, to ensure our clients’ data is secured against external threats.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.