‍At Veryable, we take data security and privacy seriously. Protecting your information—and the trust you place in our platform—is a top priority. This page outlines the key security measures we’ve implemented, certifications we’ve achieved, and initiatives currently underway to enhance our security posture even further.

‍Our Privacy Commitment
‍Veryable’s Privacy Policy outlines how we collect, use, and protect personal data. We are transparent about the information we gather, and we only use it to improve your experience on our platform. We do not sell your data. Any third-party sharing is done strictly for necessary services, and only with secure, vetted partners.

We comply with all applicable privacy laws, including CCPA, GDPR, and state-level privacy frameworks in jurisdictions.

‍Key Highlights:
‍-We collect only what we need
-Data is encrypted in transit and at rest
-Users can access, correct, or delete their data at any time
-We use Cookies responsibly and disclose all use in our privacy policy‍

---------------------------------------------------------------------------------------------------------------------------------

‍SOC 2 Certification
‍We’ve successfully completed SOC 2 Type I and SOC 2 Type II audits, performed by an independent third-party auditor. These reports are available under NDA to business partners.

What Is SOC 2?
‍SOC 2 (System and Organization Controls) is a security framework developed by the AICPA. It evaluates how well a company safeguards customer data and ensures compliance with five trust service principles: security, availability, processing integrity, confidentiality, and privacy.

‍Type 1: examines the design of controls at a single point in time

‍Type 2: Tests the effectiveness of those controls over a period of time (typically 6–12 months).

Why It Matters:
-Demonstrates our controls are both designed and proven to work in practice.
-Gives our partners and customers assurance that their data is safe.
-Meets enterprise procurement and risk management standards.

---------------------------------------------------------------------------------------------------------------------------------

‍ISO 27001 – In Progress
‍We are currently in the process of achieving ISO/IEC 27001:2022 certification—an international gold standard for information security management systems (ISMS). We are targeting certification completion in Q3 2025, and have already implemented the foundational controls required under the standard.

What Is ISO 27001?
ISO 27001 outlines how to build and maintain a robust information security management system.

It covers:
-Risk assessment
-Asset management
-Access controlIncident response
-Continuous improvement

What This Means for You:
-Even stronger internal safeguards for sensitive business and user data
-Third-party validation of our end-to-end security program
-Ongoing risk monitoring and reduction
‍
---------------------------------------------------------------------------------------------------------------------------------
‍
Platform Security Features-Multi-factor authentication (MFA) for all admin users
-Data encryption using TLS 1.2+ for in-transit and AES-256 at rest
-Role-based access controls for internal systems
-Continuous vulnerability scanning and third-party penetration testing
-Data loss prevention (DLP) and endpoint monitoring

‍---------------------------------------------------------------------------------------------------------------------------------
‍
‍Security Questions?
‍For more information or to request a copy of our SOC 2 reports, please contact: compliance@veryableops.com‍