Best-in-class data security and access controls

Customer trust and data security are critical to everything we do. Feathery follows security and privacy best practices to ensure customer data is safeguarded. We offer you full control over your data along with granular access and permissioning controls.

Supporting teams at


Strong Regulatory Compliance

Audited and certified as SOC 2 compliant

Feathery is GDPR compliant and provides an endpoint to purge user data

Feathery is HIPAA compliant

Feathery is CCPA compliant

Strong regulatory compliance

Feathery’s security policies and protocols meet the standards for certification required to comply with major privacy-focused legislation.

Private endpoints enforced across system infrastructure

IP whitelisting and private VPC enforced

Regular penetration testing is performed

Infrastructure security

We take steps to ensure that the infrastructure you’re entrusting your integrations to is secure and scalable.

SOC 2 report available

Data Processing Addendum available

Detailed reports available

If you’d like to dig into the details of Feathery’s certifications, contact

Product and Data Security

Customizable data compliance

Feathery offers flexible options for you to choose from when setting up your data storage and processing.

Host and process your form data in all major regions of the world, including the US, EU, Canada, Australia, and more.

You can configure Feathery to automatically discard your user data after a certain period of time.

Bank-level encryption

Secure your data with the same encryption that banks use and ensure that no unauthorized parties can view sensitive information.

Data at rest is secured using bank level AES-256 bit encryption.

All data in transit is encrypted using TLS/SSL.

We’ve received a score of “A” from Qualys SSL Labs.

Account security

Feathery supports Single sign-on (SSO) so you can decrease attack surface and monitor login activity.

Support for all SSO options, including Microsoft, Google, Okta, OneLogin, Google, and much more.

Audit logs for account activity and multi factor authentication can be enforced system wide.

Identity and access management

Create granular permissions that dictate who can access and work with your integrations and data.

Support for role-based permissions, custom permission profiles, and user groups.

Support for workspaces and enterprise-scale organization.

Logs can be deleted on request

Internal Security Best Practices

Personnel undergo security awareness training

Compliance mandated for all employees with Information Security Policy, HIPAA Policy, Data Disposal Policy, Business Continuity and Disaster Recovery Plan, Encryption Policy, and more.

Internal SSO and multi-factor authentication required for all Feathery employees and consultants

Detailed awareness training

All Feathery staff undergo detailed security awareness training — both when they join, and periodically to maintain compliance standards.

Personnel are restricted to minimum access necessary to compmlete business-related tasks.

Email phishing and HR security enforced across all company systems — only select trained personnel can access specific aspects of company systems at any given time

Internal access controls

To prevent internal vulnerabilities, Feathery uses IP-based access to limit employee visibility into tools and resources.

Learn more about Feathery’s
security practices

Book a demo