Safeguarding our customer’s data and ensuring secure authentication is our utmost priority.
Squadcast is ISO 27001 certified, GDPR & SOC 2 Type II compliant. This means all Squadcast users are protected by secure access controls, configurable authentication, and always-on data encryption.
SOC 2 Type II compliant
Squadcast is SOC 2 Type II compliant. We prove our commitment to data protection on an ongoing basis and have achieved Type II compliance as of February 2022.
IEC/ISO 27001:2013 certified
Squadcast’s ISO/IEC 27001:2013 certification is a result of an independent third-party audit, which examines the development and implementation of an information security management system (ISMS) to achieve continuous management of security in a comprehensive manner.
Squadcast is committed to protecting user data. We already have our privacy and security practices aligned with GDPR regulation requirements. All network communications are on the secure HTTPS protocol offering a high level of network security. All credentials (for the third-party apps you grant permission to), in Squadcast, are stored in an encrypted format.
All customer data is stored in the United States of America or the EU. Customers have the choice of choosing the data center while signing up. Outward data transfer from the EU, Swiss & UK is transferred in compliance with the GDPR. Read more about our GDPR compliance here.
Here is a full list of our Subprocessors.
EU-US Privacy Shield
Squadcast complies with the EU-U.S. Privacy Shield and U.S.- Swiss Privacy Shield by adhering to the principles of protecting the rights of anyone in the EU & UK whose personal data is transferred to the United States as well as bringing legal clarity for businesses relying on transatlantic data transfers.
Squadcast supports login via SAML for enhanced security and user experience. Leverage your existing access controls defined in your identity provider.
We at Squadcast use GCP, (a public cloud provider) for handling our Infrastructure, while MongoDB Atlas is our managed database provider. Both have their own robust security measures in place. In addition to that, we have our own security measures such as Firewalls, Access control & restrictions, etc.
System and Software Security
The Squadcast system infrastructure is updated regularly with the latest security patches. All of our servers run hardened patched operating systems.
We employ an internal team of engineers to keep our software and its dependencies up-to-date, eliminating potential security vulnerabilities as and when we become aware of them.
Data Security and Backups
All customer data is written to multiple disks instantly and we use a minimum of three different data disks to store all customer data with regular backups.
All communications with Squadcast via our Web / Mobile application or APIs are transmitted over Transport Layer Security (TLS v1.2 & TLSv1.3) connections. All communications between our servers also happen over TLS connections. Encryption at rest is automated using encrypted storage volumes.
All employees have signed non-disclosure agreements with Squadcast. Employees will not change configurations on your account without you first being notified & most of the changes will be at your request only. We strive to pre-announce any changes to the system that will affect your use in any way.
Employee access to our infrastructure is strictly limited to engineers who require such access in order to maintain the stability and efficiency of our systems. All the access attempts are logged, and multiple failed attempts will cause the relevant users to be locked out.
Our payment processor, Stripe, is a validated Level 1 PCI DSS Compliant Service Provider. Additionally, they are on Visa’s Global Compliant Provider List and MasterCard’s SDP List. Our subscription management system, Chargebee, is also a Level 1 PCI DSS Compliant Service Provider.
Feel free to send us your queries at firstname.lastname@example.org
355 Bryant Street, Suite # 403
San Francisco CA 94107