Standards and certificates
We regularly work with independent experts to verify our security, privacy, and compliance controls, and have achieved certification against stringent global standards.
SOC 2
We work with an independent auditor to maintain a SOC 2 Type II report, which certifies our controls to ensure security, availability, and confidentiality. In addition to our SOC 2 report, we maintain a SOC 3 report for general use and distribution. Click here to download.
GDPR
Our Privacy Policy and Data Processing Agreement (DPA) reflect the requirements of the GDPR. We’ve worked with TrustArc, the leader in privacy compliance and data protection, to ensure compliance with all aspects of the GDPR.
Privacy Shield
We are certified under the EU-U.S. Privacy Shield Framework for user data transfer and storage.
State-of-the-art security
Security informs all aspects of our product and infrastructure at Affinity.
Encryption
We encrypt all sensitive data both at rest and in-transit using robust, industry-leading encryption algorithms.
Network security
Our production services run in an isolated Virtual Private Cloud on AWS. Only network protocols essential for making our service work are open at the network's perimeter.
Access controls
Access to internal systems requires multiple authentication factors, including VPN access and device-based authentication tokens.
