Security Compliance

Sortment is committed to protecting your data. It is built with industry-leading standards in mind.

1. SOC2 Compliance

Sortment complies with SOC2 Type II standards, ensuring that data security, availability, processing integrity, confidentiality, and privacy are maintained:

• Security: All data is encrypted and access-controlled, preventing unauthorized use.

• Availability: The system is designed for high availability, with backup and disaster recovery measures in place.

• Confidentiality: Sensitive data, including user and business information, is managed confidentially throughout the data lifecycle.

• Processing Integrity: Data processing is accurate and reliable, with custom filters and segmentation tools ensuring accurate audience creation.

• Privacy: Sortment complies with privacy regulations and provides users control over their personal data.

Sortment undergoes regular SOC2 audits by independent third parties to ensure compliance.

2. ISO 27001 and ISO 27701 Compliance

Sortment follows the ISO 27001 and ISO 27701 information security management standard, focusing on:

• Information Security Management System (ISMS): A formal ISMS ensures that Sortment continuously assesses and mitigates risks associated with data security.

• Risk Management: Regular risk assessments are conducted to identify potential security threats and mitigate them promptly.

• Employee Training: All employees undergo mandatory training to stay updated on the latest security best practices and threats.

By adhering to the standards, Sortment ensures that data security is embedded across all processes and operations.