Trust Center

Security at Iterate

Security is built into the fabric of our products, team, infrastructure, and processes, so you can rest assured your data is safeguarded.

Show Navigation
Overview
Overview
👤
Login
  • Compliance
  • Data Security
  • Privacy
  • Incident Management & Response
  • Availability & Reliability
  • Organizational Security
  • Business Continuity
  • Infrastructure
  • Threat Management
  • Subprocessors
  • Compliance

    Last updated Sun, Jun 20, 2021
    • CCPA

      For Iterate customers, Iterate is a “service provider” under the CCPA. We process personal information only on behalf of our customers. The personal information that's collected is in complete control of the customer, based on what questions they choose to ask. We collect and store that data only for the purpose of providing our services to the customer and we do not sell that information to third parties.

    • Swiss-US Privacy Shield

      Iterate is self-certified under the US & Swiss privacy shield frameworks.

    • GDPR

      We are committed to the principles inherent to the GDPR and particularly the concepts of privacy by design, the right to be forgotten, and data consent. Iterate customers are in complete control of what user data they collect based on the questions they choose to ask. We provide tools for customers to delete their data as well as customer data, and provide APIs to automate this process.

  • Data Security

    Last updated Sun, Jun 20, 2021
    • Data Encrypted At-Rest

      All user data is encrypted at rest.

    • Data Encrypted In-Transit

      All user data is encrypted via HTTPS/TLS

    • Passwords Encrypted

      Customer passwords are encrypted using bcrypt and include a per-user salt.

  • Privacy

    Last updated Sun, Jun 20, 2021
    • Privacy Policy
  • Incident Management & Response

    Last updated Sun, Jun 20, 2021
    • Data Breach Notification
  • Availability & Reliability

    Last updated Sun, Jun 20, 2021
    • Data Redundancy

      Data is stored across a cluster of servers ensuring high availability and uptime.

    • Infrastructure Redundancy

      Application servers are dynamically added based on load and constantly monitored and replaced in the event of a loss of availability.

  • Organizational Security

    Last updated Sun, Jun 20, 2021
    • Employee Background Checks

      All full-time employees are subject to background checks.

    • Employee Security Training

      Security is built into our engineering process from the start. All full-time employees are trained on our privacy and security best-practices, all code is peer-reviewed and audited to ensure it is secure and we're constantly monitoring for new risk mitigation strategies.

    • Employee Workstations Automatically Locked
    • Employee Workstations Encrypted

      All employee workstations are password protected and enabled with disk encryption.

    • Limited Employee Access (Principle of Least Privilege)

      Employee access is limited to the minimum amount of access needed to perform their job.

    • Physical Access Control
  • Business Continuity

    Last updated Sun, Jun 20, 2021
    • Business Continuity Plan
    • Data Backups

      All user data is backed up and retained for 30 days.

  • Infrastructure

    Last updated Sun, Jun 20, 2021
    • Multi-Tenant Architecture
  • Threat Management

    Last updated Sun, Jun 20, 2021
    • Bug Bounty

      Iterate offers financial compensation for self-reported bug and vulnerability reports subject to the discretion of our security team based on the severity of the issue.

  • Subprocessors

    Last updated Sun, Jun 20, 2021
    • Name
      Purpose
      Location
      Amazon Web Services
      Application hosting and data storage
      USA
      Amplitude
      User analytics
      USA
      Google Analytics
      User analytics
      USA
      MongoDB
      Database storage
      USA
      Sentry
      Error monitoring
      USA