Customer Security

Performance and data privacy are core to the Crowdvocate platform. Our principle of customers first means we also make sure we first and foremost protect the data, users, IP and applications of our customers

Keeping your data safe

Crowdvocate meets top industry standards for security and compliance.

Our philosophy, backed by policy, security and procedures, is to never share or commercialize customer data.

We utilize AWS secure cloud services, authenticate users, and comply with GDPR.

ISO 27001 Information Security Certification
Crowdvocate received the International Organization for Standardization Certification for Information Security (ISO 27001:2013). The audit evaluated Crowdvocate’s information security management system from product, infrastructure and organizational aspects, and verified that Crowdvocate has the necessary information security controls in place to ensure the confidentiality, integrity and availability of sensitive information assets.

ISO 27017 Cloud Specific Controls
ISO 27017 provides guidance on the information security aspects of cloud computing, recommending the implementation of cloud-specific information security controls that supplement the guidance of the ISO 27002 and ISO 27001 standards. This standard provides additional information security controls implementation guidance specific to cloud service providers. Crowdvocate’s attestation to the ISO 27017:2015 guidance demonstrates our ongoing commitment to align with globally-recognized best practices, and verifies that Crowdvocate has a system of highly precise controls in place that are specific to our cloud services.

ISO 27018 Personal data Protection (PII)
ISO 27018 is a standard that focuses on protection of personal data in the cloud. It is based on ISO information security standard 27002 and provides implementation guidance on ISO 27002 controls applicable to public cloud personally identifiable information (PII). It also provides a set of additional controls and associated guidance intended to address public cloud PII protection requirements not addressed by the existing ISO 27002 control set. Alignment demonstrates to customers that Crowdvocate has a system of controls in place that specifically addresses the privacy protection of their content. Crowdvocate’s alignment (as verified by a third-party assessment) with this internationally recognized code of practice demonstrates Crowdvocate’s commitment to the privacy and protection of customers’ content. By following the standards of ISO/IEC 27001 and the code of practice embodied in ISO/IEC 27018:2014, Crowdvocate demonstrates that its privacy policies and procedures are robust and in line with its high codes of practice, namely:
Crowdvocate customers can know where their data is stored.
Customer data won’t be used for marketing or advertising without explicit consent.
Crowdvocate customers know what’s happening with their PII.
Crowdvocate will comply only with legally binding requests for disclosure of customer data.

CSA’s STAR Level 1
Based on our assessment within the Cloud Controls Matrix, we are listed on the Security Trust Assurance and Risk (STAR) registry, which encompasses key principles of transparency, rigorous auditing, and cloud security best practices. You can see the Crowdvocate listing here.

Data Encryption​

Data is encrypted In transit and personal data is encrypted & salted at rest. Crowdvocate utilizes industry-accepted tools and standards for data handling and security.

Data Deletion Requests

Crowdvocate supports the “Right to be Forgotten” / data deletion requests for data and users.

Permissions & Access Controls Encryption​

Access controls and permissions are role based allowing managed restriction and authorizations.

Redundancy & Resilience

Crowdvocate is designed with business continuity in mind as an enterprise scale platform.

Hosting and Infrastructure

Crowdvocate Software-as-a-Service (SaaS) solution is available for both public and private clouds utilizing secure cloud services provided by Amazon Web Service (AWS).

Maintaining the standard

Crowdvocate leverages cyber security experts to continuously improve our security posture. We run routine annual audit and penetration-tests by external experts. Additionally, AWS runs its own independent tests and 24/7 monitoring of security-related events by dedicated teams.

Ready to Discuss?

Let Crowdvocate help you and your company step into the future of automated customer engagement marketing with confidence.