Security & Privacy

At Veryable, we take data security and privacy seriously. Protecting your information—and the trust you place in our platform—is a top priority. This page outlines the key security measures we’ve implemented, certifications we’ve achieved, and initiatives currently underway to enhance our security posture even further.

-----------------------------------------------------------------------------

Our Privacy Commitment

Veryable’s Privacy Policy outlines how we collect, use, and protect personal data. We are transparent about the information we gather, and we only use it to improve your experience on our platform. We do not sell your data. Any third-party sharing is done strictly for necessary services, and only with secure, vetted partners.

We comply with all applicable privacy laws, including CCPA, GDPR, and state-level privacy frameworks.

Key Highlights:

  • We collect only what we need.
  • Data is encrypted in transit and at rest.
  • Users can access, correct, or delete their data at any time.
  • We use cookies responsibly and disclose all use in our policy.

-----------------------------------------------------------------------------

SOC 2 Certification

We’ve successfully completed SOC 2 Type I and SOC 2 Type II audits, performed by an independent third-party auditor. These reports are available under NDA to business partners.

What Is SOC 2?

SOC 2 (System and Organization Controls) is a security framework developed by the AICPA. It evaluates how well a company safeguards customer data and ensures compliance with five trust service principles: security, availability, processing integrity, confidentiality, and privacy.

  • Type I: Examines the design of controls at a single point in time.
  • Type II: Tests the effectiveness of those controls over a period of time (typically 6–12 months).

Why It Matters:

  • Demonstrates our controls are both designed and proven to work in practice.
  • Gives our partners and customers assurance that their data is safe.
  • Meets enterprise procurement and risk management standards.

-----------------------------------------------------------------------------

ISO 27001 – In Progress

We are currently in the process of achieving ISO/IEC 27001:2022 certification—an international gold standard for information security management systems (ISMS).

What Is ISO 27001?

ISO 27001 outlines how to build and maintain a robust information security management system. It covers:

  • Risk assessment
  • Asset management
  • Access control
  • Incident response
  • Continuous improvement

We are targeting certification completion in Q3 2025, and have already implemented the foundational controls required under the standard.

What This Means for You:

  • Even stronger internal safeguards for sensitive business and user data.
  • Third-party validation of our end-to-end security program.
  • Ongoing risk monitoring and reduction.

-----------------------------------------------------------------------------

Platform Security Features

  • Multi-factor authentication (MFA) for all admin users
  • Data encryption using TLS 1.2+ in transit and AES-256 at rest
  • Role-based access controls for internal systems
  • Continuous vulnerability scanning and third-party penetration testing
  • Data loss prevention (DLP) and endpoint monitoring

-----------------------------------------------------------------------------

Security Questions?

For more information or to request a copy of our SOC 2 reports, please contact: compliance@veryableops.com.