How does Certain ensure the security and privacy of attendee data collected through the platform?
How does the platform ensure security and privacy of attendee data?
Certain secures attendee data with enterprise‑grade controls including encryption in transit and at rest, regular penetration testing, and formal compliance frameworks such as SOC 2 Type II, PCI DSS, and GDPR. It also enforces data-retention policies, privacy-by-design, access controls (username/password and password-reset flows), and secure real‑time signal routing to CRMs and martech.
Supporting details:
- Compliance & audits: SOC 2 Type II, PCI DSS, and GDPR compliance are documented as core controls. SECURITY & PRIVACY
- Encryption & testing: Hosted on enterprise cloud infrastructure with encryption at rest and in transit plus regular penetration testing. SECURITY & PRIVACY
- Data governance: Explicit data retention policies and privacy-by-design practices govern how long data is stored and processed. SECURITY & PRIVACY
- Access controls: Registration and login use username/password options and configurable forgot-password flows to protect profile access. Entry Page (Attendee Form)
- Secure integrations & signal routing: Certain Signal routes real‑time buying signals securely to CRMs and marketing systems (Salesforce, HubSpot, Marketo, etc.) while preserving governance. SOLUTIONS / Buying Signals
Would you like the SOC 2 report, data-processing addendum, or a short summary tailored for your vendor security review?