Customer confidence and information security is critical to everything we do at ChatShipper.
More than 1000 businesses trust ChatShipper (aka, CS) with their customer communications, expecting their data to be protected and secure. That’s why we sweat the details. Through rigorous security checks, data encryption, employee screenings and compliance with industry regulations, we ensure your data is safe with us.
Data center and network security
CS services are hosted on Google Platform. As such, ChatShipper inherits the control environment which Google maintains and demonstrates via SOC 1, 2 and 3, ISO 27001/27017/27018 and FedRAMP reports and certifications. Web servers and databases run on servers in secure data centers.
Logical access to the ChatShipper production system is restricted by an explicit need-to-know basis, utilizes least privilege. It is frequently audited and monitored and is controlled by our production and security teams. Premises are monitored and access is logged.
ChatShipper encrypts all customer data, both in transit and at rest. Communications between you and Smooch servers are encrypted via HTTPS and Transport Layer Security (TLS) industry best-practices.
BEST PRACTICES AND EDUCATION
We implement industry best practices to ensure the confidentiality and integrity of your data.
Incident response plan
We have implemented a formal procedure for security events and have educated all our staff on our policies.
All new hires are screened through the hiring process and required to sign non-disclosure and confidentiality agreements.
Security and privacy training
All new employees attend a security training during the onboarding process. In addition, all employees must take the ChatShipper Security and Privacy training once a year, which covers the information security policies, security best practices, and privacy principles.
ChatShipper has designed its Privacy Program based on European privacy laws to ensure that no matter where they are located, customers using our platform will be able to comply with any privacy framework, including the GDPR.
Investing in your privacy
We understand the privacy commitments you make to your customers, employees, and users.
Internal processes and audit
Our Chief Privacy Officer works with our developers to make sure we comply with applicable international privacy laws.
Service data processing
We primarily process personal data on behalf of our customers. Our privacy practices are outlined in the privacy statement for service data.
European Union Data Hosting
ChatShipper customer data is hosted, stored and backed up entirely within the EU.