Data Security and Privacy
Keep your data private, secure, and compliant with Showpad’s best-in-class procedures and practices.
The latest news
Showpad uses the ISO/IEC 27001:2013 leading standard, applying the guidelines and general principles defined in ISO 27002 for implementing, maintaining and improving a risk-based Information Security Management System.
As the first vendor in the Enablement space and one of only 200 companies worldwide, we recently received the ISO 27701:2019 certificate in addition to the existing ISO 27001:2013 certificate. This validates our advanced privacy program that applies a GDPR-first strategy when handling personal data of all our customers worldwide.
In support of our Security Management System and continued compliance efforts, Showpad also maintains an ISAE3402 Type I and SOC 2 Type II accreditation, making Showpad the only platform in the Sales Enablement space covering these three Third-Party Assurance reports.
Integrated compliance framework
Showpad uses the ISO/IEC 27001:2013 leading standard, applying the guidelines and general principles defined in ISO 27002 for implementing, maintaining and improving a risk-based Information Security Management System.
As the first vendor in the Enablement space and one of only 200 companies worldwide, we recently received the ISO 27701:2019 certificate in addition to the existing ISO 27001:2013 certificate. This validates our advanced privacy program that applies a GDPR-first strategy when handling personal data of all our customers worldwide.
In support of our Security Management System and continued compliance efforts, Showpad also maintains an ISAE3402 Type I and SOC 2 Type II accreditation, making Showpad the only platform in the Sales Enablement space covering these three Third-Party Assurance reports.
Security policies and procedures
Showpad’s Information Security team goes above and beyond to fully secure your data and ensure your privacy. With a corporate headquarters in Ghent (Belgium), and North American headquarters in Chicago (US), we will continue to be at the forefront of the latest requirements. This gives our customers enough information to be compliant while offering them the flexibility to make changes to the platform according to their organizational needs – ensuring secure data access at all times. Our security policies and procedures are readily available to Showpad’s employees and contractors. Showpad regularly performs internal and external compliance checks to ensure policies, practices, and procedures are followed.
Secure development lifecycle
120+ in-house engineers code according to an agile software development lifecycle, with security at its core. Our software development lifecycle incorporates OWASP’s industry-recommended practices for producing secure code as well as extended testing to ensure a safe product.
Infrastructure resilience capabilities
We meticulously screen potential partners and only work with the most secure organizations, such as Amazon Web Services. Showpad’s servers are hosted in world-class data centers with numerous certifications, including ISO/IEC 27001 and SOC2. Learn more on the Trust Centers of Amazon Web Services.
Identity and access management
Showpad supports secure login procedures while matching your team’s unique configuration needs, such as password security levels. Deploy Showpad by auto-provisioning users or via Single Sign-On with SAML 2.0-compliant providers such as Okta, Ping Identity, Salesforce, and Microsoft Active Directory Federation Services.
End-to-end encryption
Guaranteeing integrity and confidentiality, all data in Showpad is stored and transmitted with end-to-end TLS encryption.
Compliance with personal data legislation
Showpad allows customers the necessary flexibility to adapt Showpad services to their organizational needs in order to comply with data protection legislation such as the EU General Data Protection Regulation (learn more about GDPR at Showpad here), California Consumer Privacy act (CCPA), UK Data Protection act 2018, or, the Swiss Data Protection act, etc.
To help our customers with compliance, we continuously add flexibility to our online platform, mobile apps, email plugins, and integrations.
Privacy by design
Not only do we demonstrate industry-recommended best practices, but we also take privacy into account during every step of the engineering process – resulting in the most secure set of platform capabilities in the market, including:
- Advanced file permissions
- Anonymized user analytics
- Custom privacy disclaimers when sharing content
- Possibility to revoke access to files shared with users
Further, our privacy policy is proactively kept up to date to meet the latest regulatory expectations.