Security

Enterprise-grade data protection.

Your workforce data is sensitive. We treat it with the security rigor it deserves.

SOC 2 Type II

Our infrastructure and processes are independently audited for security, availability, and confidentiality.

Encryption at Rest & In Transit

All data is encrypted using AES-256 at rest and TLS 1.3 in transit. Keys are managed via dedicated KMS.

Role-Based Access Control

Granular permissions ensure only authorized personnel can access sensitive employee data.

Data Residency Options

Enterprise customers can choose data residency regions to comply with local regulations (GDPR, CCPA).

Security practices

Our security program is designed around continuous improvement and transparency.

  • Regular penetration testing by third-party security firms
  • Automated vulnerability scanning on every deployment
  • Employee background checks and security training
  • Incident response plan with 24-hour notification SLA
  • Data retention policies aligned with customer requirements
  • Audit logging for all data access and modifications
  • Multi-factor authentication enforced for all team members
  • Vendor security assessments for all third-party integrations

Questions about our security posture? security@churnvision.tech