Compliance & Certifications
List of all compliances and certifications applicable to CleverTap
Introduction
CleverTap is committed to complying with regulations for account security and here's a list of all regulatory compliances and certifications applicable to CleverTap along with a detailed description.
Compliances
| Compliances/Certifications | Status |
|---|---|
 | CCPA - Compliant |
 | COPPA - Compliant |
 | GDPR - Compliant |
 | HIPAA - Compliant |
 | IS0 27001:2013 - Compliant & Certified |
 | SOC 2 Type 2 - Compliant & Certified |
 | Safe to Host - Certified |
How CleverTap complies
CCPA
California Consumer Privacy Act (CCPA) is a state-wide data privacy law that regulates how businesses all over the world manage the personal information of California residents.
CleverTap complies by:
Providing an AWS data center locally to keep the data within the USA. For more information regarding compliance, see CleverTap CCPA.
COPPA
Childrenβs Online Privacy Protection Act (COPPA), enforced by the Federal Trade Commission (FTC) in the US, outlines all measures that must be undertaken by website operators, marketers, and other providers of online services to protect online safety and privacy of minors.
CleverTap complies by :
- Ensuring that data sent about children below 13 years is done with the consent of the parent/guardian.
- Providing the βopt-outβ handle on the SDK which can be used by the customers to not send data to CleverTap in case of no consent by the users.
GDPR
The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals who live in the European Union (EU).
CleverTap is GDPR compliant.
HIPAA
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that was created to protect sensitive patient health information from being disclosed without the patientβs consent or knowledge.
CleverTap is HIPAA compliant because we are listed as a Business Associate.
Renewable Certifications
ISO/IEC 27001:2013
ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system within the context of the organization.
ISO Certification is renewed every 4 years subject to a surveillance audit passed every year. CleverTap complies by being ISO/IEC 27001:2013 certified.
SOC 2 Type 2
A System and Organization Controls (SOC-2) audit report provides detailed information and assurance about a service organizationβs security, availability, processing integrity, confidentiality, and/or privacy controls, based on their compliance with the Trust Services Criteria (TSC) of the American Institute of Certified Public Accountants (AICPA).
SOC 2 Type 2 certification is renewed every year. As a service organization, CleverTap is SOC-2 certified and maintains strict internal controls over the information system that it provides to its users.
Safe to Host
We conduct external Vulnerability Assessment and Penetration Testing (VAPT) every quarter to ensure that our platform is free from vulnerability or threats. The Safe to Host certificate attests that VAPT is periodically conducted and that our platform is free of any potential vulnerabilities.
View CleverTap Compliance and Certifications
- Select Organization > Compliance and Certifications.
This page lists the CleverTap compliance and certifications.
CleverTap Compliances
- Select the Certifications tab.
This page lists the certificates of compliance that CleverTap adheres to.
You may download the compliance certificate if required.
CleverTap Compliances and Certifications
- If you want to view a certificate, click download and agree to the Confidential Information terms and conditions.
Confidential Information
Updated 12 months ago