Loopio Data Privacy & Security
A Secure, Reliable Platform Experience
Maintaining the confidentiality, integrity, and availability of your data is critical to our team. As part of our ongoing commitment to putting our customers first, Loopio has built a robust and transparent data protection program.
Software That’s Secure by Design
Certified by Industry Standards
Every year, Loopio undergoes SOC 2 Type II audit by a third-party firm to ensure customers are protected across various levels.
Data Encryption Protection
Whether your data is in transit or at rest, all Loopio customer data is encrypted through industry leading-standards: TLS v1.2 in transit and AES256 at rest.
Secure and Reliable Infrastructure
Customer data is hosted through Amazon Web Services (SOC 1, SOC 2, and SOC 3 certified). Our web servers and databases are load-balanced across multiple availability zones.
Enterprise Security Standards
Single Sign-on Support
Loopio offers single sign-on (SSO) through Security Assertion Markup Language (SAML) 2.0 and Google authentication. Our platform integrates with standard systems including Okta, OneLogin, as well as Microsoft Azure and ADFS.
Annual Penetration Testing
We conduct third-party penetration testing on an annual basis, which includes critical security risks listed by the Open Web Application Security Project® (OWASP). This simulates a real-world cyberattack to ensure our systems and your data remain secure.
GDPR and CCPA Compliant
Loopio handles personal information with compliance in mind. Our platform is General Data Protection Regulation (GDPR) compliant and meets the California Consumer Privacy Act (CCPA) standards.
Restricted Access & Authorization
Data Segregation & Security
Customer data is logically separated through strict coding standards, code reviews, and database design. These records also have a unique customer identifier that ensures maximum data security.
Access Management & Controls
Loopio applies access controls in accordance with the ‘principle of least privilege’. Meaning that access to customer data is only granted to authorized employees who require it to perform their roles and all system access is logged.
Thorough System Management
Loopio has extensive change management controls in place. All system changes directly impacting our customers follow rigorous planning and transparent communication.
Proactive Security Protocols
Employee Privacy & Security Training
Security is a company-wide endeavor. All employees complete an annual security training program and employ best practices when handling customer data.
Rigorous Policies & Procedures
Loopio’s information security management system is based on industry best practices (ISO 27001). Through this framework, customers can trust that working with Loopio is a reliable, consistent, and secure experience.
Stringent Vendor Evaluations
Loopio conducts thorough evaluations and security reviews of its vendors. We ensure that all vendors processing confidential customer data adhere to industry-leading control standards.
Learn more about our policies on Loopio’s privacy page.