²ÝÝ®ÊÓƵ
Skip to main content
Trust

    Privacy

    Forever protecting your data.

    At ²ÝÝ®ÊÓƵ, we understand that personal data is one of your most valuable assets and deserves the highest level of protection. We uphold industry-leading standards of privacy and security while empowering you to meet your data protection obligations.

    ''

    What drives us.

    Illustration Product Mobile Download Clock Morning Crop Gradient 4
    Prioritizing privacy.

    We don't just react to privacy regulations, we anticipate them. By actively implementing robust safeguards and cutting-edge, privacy-enhancing technologies and methodologies, we future-proof our services and ensure our customers' data remains protected¡ªeven as the regulatory landscape evolves.

    We embed privacy-by-design considerations into every stage of our product development lifecycle¡ªfrom initial design to deployment and beyond. We know that privacy requirements may differ by industry, geography, and approach. To help you meet your obligations, our platform includes configurable privacy tools.

    Our privacy practices are backed by a comprehensive compliance program, and we regularly undergo third-party audits and certifications to demonstrate our commitment to protecting your data.

    How we safeguard your privacy.

    ''
    Protecting your data in Europe and beyond.

    We understand that your data may need to travel. That's why we've implemented a robust and multi-layered approach to ensure your data remains protected, no matter where it goes.

    ?

    Here's how we ensure secure data transfers outside of the European Union, the United Kingdom, and Switzerland.

    ?

    Adequacy decisions.

    The European Commission recognizes certain countries (and properly certified commercial organizations) around the world that offer an adequate level of protection for personal data. ²ÝÝ®ÊÓƵ relies on adequacy decisions in relation to transfers of personal data to the United States (U.S.), New Zealand, Switzerland and the UK.

    ?

    U.S. Data Privacy Frameworks.

    ²ÝÝ®ÊÓƵ is self-certified under the EU-U.S., Swiss-U.S. and UK-U.S. Extension to the Data Privacy Framework maintained by the U.S. Department of Commerce. Our certifications can be inspected in the official Data Privacy Framework List of the U.S. Department of Commerce by searching for ¡®²ÝÝ®ÊÓƵ¡¯.

    ?

    Binding corporate rules.

    ²ÝÝ®ÊÓƵ is one of the few companies worldwide with approved processor binding corporate rules (BCRs), demonstrating our commitment to the highest standards of data protection. BCRs are a set of internal data protection policies that govern personal data processing within a multinational group. The BCRs are accessible here.

    ?

    Standard contractual clauses.

    Our data processing terms incorporate the latest European Commission¡¯s Standard Contractual Clauses (SCCs), a standard mechanism for safeguarding international data transfers.

    ?

    Transfer impact assessments.

    ²ÝÝ®ÊÓƵ has conducted transfer impact assessments (TIAs) in line with the recommendations issued by the European Data Protection Board (EDPB). We've also published a comprehensive to assist customers who choose to perform their own TIAs in connection with their use of our enterprise cloud applications.

    At ²ÝÝ®ÊÓƵ, security isn't just a feature¡ªit's the bedrock on which our services are built. We understand that your data is invaluable, and we're dedicated to safeguarding it with unwavering vigilance.


    Our comprehensive security program encompasses robust technical and organizational measures designed to protect your data from any threat, whether accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.

    We invest in achieving certifications to leading industry standards and frameworks¡ªproviding our customers with independent verification of our commitment to privacy. And we go above and beyond to ensure our privacy practices meet the highest standards.

    ?

    Our certifications and attestations include:

    • SOC 1 and SOC 2 reports. These reports provide assurance that our controls and processes for handling customer data are designed and operating effectively.????

    • ISO 27001 and ISO 27018 certifications. These certifications demonstrate our compliance with international standards for information security and cloud privacy.????

    • EU Cloud Code of Conduct (EUCCoC) adherence. This adherence confirms that our technical and organizational measures meet the stringent requirements of the EU GDPR. Read for more information.

    ?

    Customers can reference these certifications and reports to gain confidence in our privacy practices and comply with their own regulatory obligations. Learn more about our compliance program.

    We recognize that entrusting your data to subprocessors requires careful consideration. That's why we hold our subprocessors to the same stringent privacy and security standards that we uphold ourselves. Each subprocessor undergoes a rigorous screening process before being engaged, and we maintain a comprehensive list of all subprocessors for full transparency.

    We believe that education is key to fostering a culture of privacy. We¡¯re committed to providing our employees with the knowledge and resources they need to protect personal data and comply with data protection regulations.

    RESOURCES

    Resources for you.

    Explore All Resources
    Datasheet ²ÝÝ®ÊÓƵ¡¯s Robust Privacy Program Read Datasheet
    Web Page ²ÝÝ®ÊÓƵ Binding Corporate Rules Learn More
    Web Page ²ÝÝ®ÊÓƵ Transparency Reports Learn More

    Learn how our platform moves you forward.

    Ready to talk?
    Get in touch.

    Please accept cookies to continue.

    This content is blocked due to your cookie preferences for this site. By clicking here, you accept and . ²ÝÝ®ÊÓƵ will save your choice in a session cookie.