Secure by design.

Flatfile is dedicated to the privacy and security of customer data. We adhere to a security-first company culture, meeting stringent compliance and security requirements.

Compliance

With customers across 6 continents, we obsessively prioritize compliance standards.

SOC 2 Type II

Flatfile has completed a SOC 2 Type II audit against the AICPA Service Organization Control Trust Services Principles, Criteria, and Illustrations for Security, Availability and Confidentiality.

HIPAA

For organizations that need to move PII data, Flatfile is HIPAA compliant.

GDPR

Flatfile is GDPR compliant, securely working with data from companies around the world.

EU/US Privacy Shield

Flatfile maintains compliance under the EU/US Privacy Shield. EU servers are also available for deployment.


Data is encrypted in transit and at rest in AWS

With object storage in Amazon Web Services, data is encrypted on both the server side and the client side.

Penetration testing

Pen testing is performed according to the requirements of our compliance certifications.

Audits and User Action Tracing

All actions taken in our AWS environment are logged and monitored.

Application monitoring

User experience and performance are always top of mind. We've dedicated the proper resources and infrastructure tools to ensure Flatfile's solutions run smoothly.

Load & Volume

Resources are dynamically scaled based on server load and data volume.

24x7 Monitoring

Continuous logging, application monitoring, and alerts.

Malicious activity monitoring

Intrusion detection software has been implemented to monitor for suspected malicious activity and to monitor and block malicious traffic or usage patterns.


Resiliency

Since preparation is a key ingredient to success, our team focuses on resiliency and planning when it comes to customer data.

Data centers

Resources are dynamically scaled based on server load and data volume.

Durability

Continuous logging, application monitoring, and alerts.