Frequently Asked Questions
      Back to home
      1. Home
      2. Frequently Asked Questions

      Organization and Platform Security/Compliance

      At Spendbase Inc., we take the security and privacy of our users' data very seriously. Our platform adheres to various internationally recognized security frameworks to ensure we provide a secure and compliant environment for all our customers.

      ISO/IEC 27001

      ISO 27001 is one of the most recognized and comprehensive security frameworks in the world. We have implemented an Information Security Management System (ISMS) to identify, manage, and reduce security risks to the confidentiality, integrity, and availability of your data. This certification ensures that our internal processes protect sensitive information from unauthorized access or disclosure.

      Review our certificate

      GDPR (General Data Protection Regulation)

      At Spendbase Inc., we are fully committed to protecting the privacy of our users in accordance with GDPR regulations. GDPR is a European Union regulation that ensures personal data is handled transparently, securely, and with respect for the rights of individuals. We have implemented policies to provide users with greater control over their personal data, including data access, correction, and deletion requests.

      SOC 2 Type II

      SOC 2 Type II compliance is based on five “trust service principles” - security, availability, processing integrity, confidentiality, and privacy. We adhere to  SOC 2 Type II standards to ensure that our platform maintains a high level of security, availability, and confidentiality for all users. This framework helps demonstrate our commitment to protecting your data and maintaining transparent operations.

      To view our SOC 2 Type II report, an NDA must be signed. Please contact your Customer Success manager or Sales Manager to request access.

      PCI DSS (Payment Card Industry Data Security Standard)

      As part of our commitment to safeguarding payment data, we comply with PCI DSS Level 1, a global standard for secure payment card transactions. PCI DSS ensures that we follow the best practices for securing cardholder data and protecting against fraud and breaches, particularly in payment processing systems.


      Review our certificate

      If you wish view our AOC report, please contact your Customer Success manager or Sales Manager to request access.