Customer trust and data security are critical to everything we do. Feathery follows security and privacy best practices to ensure customer data is safeguarded. We offer you full control over your data along with granular access and permissioning controls.
Audited and certified as SOC 2 compliant
Feathery is GDPR compliant and provides an endpoint to purge user data
Feathery is HIPAA compliant
Feathery is CCPA compliant
Feathery’s security policies and protocols meet the standards for certification required to comply with major privacy-focused legislation.
Private endpoints enforced across system infrastructure
IP whitelisting and private VPC enforced
Regular penetration testing is performed
We take steps to ensure that the infrastructure you’re entrusting your integrations to is secure and scalable.
SOC 2 report available
Data Processing Addendum available
If you’d like to dig into the details of Feathery’s certifications, contact email@example.com.
Feathery offers flexible options for you to choose from when setting up your data storage and processing.
Host and process your form data in all major regions of the world, including the US, EU, Canada, Australia, and more.
You can configure Feathery to automatically discard your user data after a certain period of time.
Secure your data with the same encryption that banks use and ensure that no unauthorized parties can view sensitive information.
Data at rest is secured using bank level AES-256 bit encryption.
All data in transit is encrypted using TLS/SSL.
We’ve received a score of “A” from Qualys SSL Labs.
Feathery supports Single sign-on (SSO) so you can decrease attack surface and monitor login activity.
Support for all SSO options, including Microsoft, Google, Okta, OneLogin, Google, and much more.
Audit logs for account activity and multi factor authentication can be enforced system wide.
Create granular permissions that dictate who can access and work with your integrations and data.
Support for role-based permissions, custom permission profiles, and user groups.
Support for workspaces and enterprise-scale organization.
Logs can be deleted on request
Personnel undergo security awareness training
Compliance mandated for all employees with Information Security Policy, HIPAA Policy, Data Disposal Policy, Business Continuity and Disaster Recovery Plan, Encryption Policy, and more.
Internal SSO and multi-factor authentication required for all Feathery employees and consultants
All Feathery staff undergo detailed security awareness training — both when they join, and periodically to maintain compliance standards.
Personnel are restricted to minimum access necessary to compmlete business-related tasks.
Email phishing and HR security enforced across all company systems — only select trained personnel can access specific aspects of company systems at any given time
To prevent internal vulnerabilities, Feathery uses IP-based access to limit employee visibility into tools and resources.