SimpleCert® SOC 2 Compliance: Secure Certificate Management Solutions
At SimpleCert®, our SOC 2 compliance (System and Organization Controls 2) underscores our commitment to secure certificate management solutions. Trusted by industry-leading organizations across the USA, our commitment to security ensures that your certificates and recipient data are managed with the utmost integrity and protection.
SimpleCert® has achieved SOC 2 Type 2 compliance, demonstrating that our operational excellence in customer data protection has been rigorously tested and validated over an extended period.
Site and Service Documents
Explore our customer-centric legal agreements designed to safeguard credentials and data, ensuring compliance with regulatory standards.
Security Policies
SimpleCert®’s enterprise-level security and IT infrastructure protect your certification data, mitigating risks of unauthorized access, theft, and misuse of information.
Our Stance in Protecting Your Credentials and Data
Under SOC 2 compliance, we take data privacy seriously, implementing stringent measures to guard your information. At SimpleCert®, ensuring the confidentiality and integrity of your data is paramount.
Institutions that use their SimpleCert® accounts benefit the most in our SOC 2 Compliance.
Less spending on annual audit costs on management system software.
Enhanced brand reputation with industry-leading standards on data protection.
Prevent financial, reputational, and legal losses from security breaches.
Be compliant with other data security frameworks (ISO 27001, HIPAA, etc.) regarding organization-relevant privacy policies and regulations.
Strengthen the confidence of their customers with the latest reliable security criteria and protocols.
Site and Service Agreements
Everything You Need to Know About the Terms, Agreements, and Adherence of Our Organization.
Privacy Policy
Know our privacy measures for collecting, using, and protecting your Personally Identifiable Information (PII).
Terms of Service
Explore our legal terms and your use of services per the laws of Oregon, USA.
Cookie Policy
Discover how SimpleCert® uses cookies and similar tools to identify visitors.
Your SOC 2 Compliant Certificate Management System
Based on the 5 Trust Service Principles of the SOC 2 Certification criteria.
Secuirity
SimpleCert®’s security and IT infrastructure fully comply with cutting-edge enterprise-level standards. Utilizing continuous threat and intrusion testing against SOC 2 compliance requirements, you can rest assured that your certification data, from application to email security, is safeguarded at the utmost level.
Availability
Ensuring your recipients have uninterrupted access to awarded credentials and certifications is our priority at SimpleCert®. Under SOC 2 compliance, we optimize network performance, manage scheduled downtimes efficiently, and swiftly address any security incidents to minimize disruptions to your certification program.
Processing Integrity
As a service organization, we streamline creating, sending, and storing certificates for your recipients. Our automated reporting ensures that you comply with industry-leading regulations, providing peace of mind and efficiency in managing your certification process with integrity.
Confidentiality
We prioritize the confidentiality of your data and your certifications as per SOC 2 compliance. Certificate recipients have the option to restrict access to their PII data contained on the Simplecert® platform. Data is never transferred between users or accounts or to external data centers. SimpleCert® does not sell, reuse, or share any uploaded data within your account.
Privacy
At SimpleCert®, we uphold privacy standards, such as honoring Third-Party Disclosures, Do-Not-Track (DNT) signals, and Fair Information Practices. This commitment extends to safeguarding the privacy of the data (PII and otherwise) that you have uploaded to your account.
Information on Security Controls, Privacy Measures, and Compliance
To underscore our dedication to security, we implement rigorous Enterprise-grade compliance audits and organization policies beyond SOC 2 compliance.
SOC 2 Compliance
Our certified SOC 2 compliance demonstrates that our system controls align with the five trust principles the American Institute of Certified Public Accountants set forth, underscoring our commitment to security and trustworthiness. A copy of our report is available upon request.
GDPR Compliance
Our GDPR compliance reflects our diligent management of the personal data of EU residents, as outlined in the law. This demonstrates our commitment to privacy and data protection.
Data Encryption
Access to our servers is strictly via SSL, utilizing robust encryption protocols to safeguard your information during transmission.
QR Code Scanning
For advanced and above monthly subscribers, each of your generated certificates can have a unique QR Code to validate the authenticity and access vital information about the certificate.
AWS Cloud Hosting Service
SimpleCert®'s infrastructure is securely hosted on Amazon Web Services (AWS), leveraging 2,500 security controls of AWS data centers to protect entity objectives.
99.99% Application Uptime
SimpleCert® maintains an uptime of 99.99% due to the robust architecture and recovery measures provided by AWS.
Penetration Testing
Penetration testing is conducted routinely to adhere to SOC 2 compliance and IT regulatory standards.
Disaster Recovery
To request a copy of SimpleCert®’s Disaster Recovery manual, please email inquiries@simplecert.net.
Frequently Asked Questions on SOC 2 Compliance and More
Have more questions? Contact us about your inquiries.
Do You Provide SOC 2 Compliance Reports Upon Request?
SimpleCert®’s SOC 2 Compliance Reporting is available upon request. To request a report, please email inquiries@simplecert.net.
Is It Possible to Obtain Penetration Testing Reports Upon Request?
Please email inquiries@simplecert.net to request a penetration testing report.
How Can I Securely Delete My Data From SimpleCert®?
For certificate recipients, to delete PII data from SimpleCert®, simply fill out the request form to have personal information removed. You can also delete your billing information, a recipient from a project, or any data you have uploaded or manually entered into your account. If you wish to delete your SimpleCert® account and all certificate data permanently, simply click on the “Delete Account” option in your Admin settings and follow the listed steps.
SimpleCert® is not liable for any loss or deletion of data within your account, regardless of the cause. We uphold strict confidentiality standards and do not share, reuse, sell, or distribute any of your data at any time, as per SOC 2 compliance.
Where is My Data Physically Stored within SimpleCert®'s Infrastructure?
SimpleCert®’s data infrastructure resides on Amazon Web Services (AWS) Cloud infrastructure, which is physically located in the United States.