Security Policy

Security is a vital part of our user experience, and the privacy of our users is our top priority. We implement industry-leading data security standards and proactively address security concerns ahead of new features.

Independent Compliance Validation

We maintain SOC 2 Type 2 compliance for security with no exceptions. This means that an independent third party has both validated our processes and practices with respect to security and confirmed our ability to maintain controls. Our audit report is available upon request.

Infrastructure and External Security

Our main application platform is hosted on secure, segregated cloud environments within industry-leading cloud providers.

• We utilize a trusted, third-party service for secure document signing that is compliant with relevant electronic signature laws.
• All documents are stored at a high-availability, SSAE-18 (or SSAE-16) and ISO 27001 certified data center.
  ‍

Data Protection and Encryption

• Data at rest is secured using industry-standard, strong encryption (e.g., AES-256).
• All data in transit is protected by SSL/TLS encryption.
• We employ an extra layer of encryption for particularly sensitive material, utilizing strong algorithms (e.g., AES-256) with off-site key management services.
  ‍

Internal Security Controls

Our company utilizes a mandatory Virtual Private Network (VPN) for all access to administrative tools and user data. Multi-factor authentication is required for access to all internal systems.

• Access to customer data is strictly limited to authorized personnel and only when required for specific purposes, such as customer support.
• We maintain a comprehensive audit trail of all administrative access to customer data to prevent misuse and unauthorized activity.
  ‍

Additional Questions?

Contact us at info@meetsummer.com 

‍