33Floors Security Policy
Your data is protected.
33Floors understands the value of our customers’ data and the critical importance of protecting sensitive information. As a result, our approach to data security meets or exceeds global security standards, safeguarding data integrity throughout the lifespan of our business relationship and beyond.
Compliance
33Floors’ DataFreedom product is AICPA SOC 2 Type 1 compliant.
Organizational Protection Measures
Personnel Security
As part of their onboarding process, 33Floors employees are led through security awareness training, including acknowledging the company’s Acceptable Use Policy. Security awareness and acceptable use are also reviewed by all employees annually. Additionally, employees and vendors sign non-disclosure agreements, ensuring compliance during and after their employment by 33Floors. Employees are also guided by an extensive Mobile Device Management policy that addresses the security of company laptops and phones.
Access Management
33Floors conducts a thorough authorization process before granting access to IT systems and networks. We implement strict password and multi-factor authentication for these systems and provide employees with dedicated user account access for accountability and tracking purposes.
Data and Information Security
33Floors affirms that our customers’ data belongs exclusively to them. We will never use or share customer data beyond what is thoroughly outlined in our agreement(s) with each organization. We allow access to client data only as is necessary to fulfill our agreed contractual obligations.
