Compliance and data security
SOC 2
Planned's last SOC2 audit was on April 2023, with no unusual findings. The certificate is available upon request to your implementation manager.
GDPR
Does your organization comply with the General Data Protection Regulation (GDPR)?
Yes
Audit logs
Planned enables logging to track activity and configuration changes. We retain our cloud infrastructure logs for at least one year and have implemented tools to log and retain account activity related to actions across its cloud infrastructure.
Role-Based Access Control (RBAC)
Does your product offer role-based access control to assign and restrict user access?
Yes, our product features role-based access control (RBAC) to manage and restrict user access based on their roles and responsibilities.
Data security
Data Encrypted At-Rest
Does your organization encrypt data at rest?
Yes, our organization implements robust encryption for data at rest, utilizing advanced encryption standards (AES) to secure sensitive information on our storage systems. This approach is critical to our comprehensive data security framework, safeguarding against unauthorized access and data breaches.
Data Encrypted In-Transit
Sensitive data is encrypted when it is transmitted over public networks.
Passwords Encrypted
Does your organization encrypt user passwords?
Yes, our organization encrypts user passwords, utilizing industry-standard hashing algorithms to ensure their security.