Data Security and Privacy
Keep your data private, secure, and compliant with Showpad’s best-in-class procedures and practices.
Showpad’s Information Security team goes above and beyond to fully secure your data and ensure your privacy. With a corporate headquarters in Ghent (Belgium), and North American headquarters in Chicago (US), we will continue to be at the forefront of the latest requirements. This gives our customers enough information to be compliant while offering them the flexibility to make changes to the platform according to their organizational needs – ensuring secure data access at all times.
The SOC 2 Type 2 Compliance describes the Showpad Sales Enablement Platform and the Suitability of the Design and Operating Effectiveness of Controls Relevant to the Security, Availability and Confidentiality Principle(s).
Certification around Showpad’s information security and governance, business and information system recovery and problem and incident management. It audits the system setup and maintenance, processes around change management and the monitoring of production systems.
Showpad received the ISO/IEC 27001 certification for our Information Security Management System (ISMS), controlling the development, provisioning, and support of technologies for marketing and sales management.
Showpad allows customers the necessary flexibility to adapt Showpad services to their organizational needs in order to comply with local data protection legislation such as the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy act (CCPA).
Integrated compliance framework
As an ISO/IEC 27001:2013 certified company, Showpad uses the ISO/IEC 27001:2013 leading standard and applies the guidelines and general principles defined in ISO 27002 for implementing, maintaining, and improving a risk-based Information Security Management System.
In support of our Security Management System and continued compliance efforts, Showpad recently added ISAE3402 Type I and SOC 2 Type II accreditation, making Showpad the only platform in the Sales Enablement space covering these three Third-Party Assurance reports.
Security policies and procedures
Our security policies and procedures are readily available to Showpad’s employees and contractors. Showpad regularly performs internal and external compliance checks to ensure policies, practices, and procedures are followed.
Secure development lifecycle
120+ in-house engineers code according to an agile software development lifecycle, with security at its core. Our software development lifecycle incorporates OWASP’s industry-recommended practices for producing secure code as well as extended testing to ensure a safe product.
Infrastructure resilience capabilities
We meticulously screen potential partners and only work with the most secure organizations, such as Amazon Web Services. Showpad’s servers are hosted in world-class data centers with numerous certifications, including ISO/IEC 27001 and SOC2. Learn more on the Trust Centers of Amazon Web Services.
Identity and access management
Showpad supports secure login procedures while matching your team’s unique configuration needs, such as password security levels. Deploy Showpad by auto-provisioning users or via Single Sign-On with SAML 2.0-compliant providers such as Okta, Ping Identity, Salesforce, and Microsoft Active Directory Federation Services.
Guaranteeing integrity and confidentiality, all data in Showpad is stored and transmitted with end-to-end TLS encryption.
Compliance with personal data legislation
Showpad allows customers the necessary flexibility to adapt Showpad services to their organizational needs in order to comply with data protection legislation such as the EU General Data Protection Regulation (learn more about GDPR at Showpad here), California Consumer Privacy act (CCPA), UK Data Protection act 2018, or, the Swiss Data Protection act, etc.
To help our customers with compliance, we continuously add flexibility to our online platform, mobile apps, email plugins, and integrations.
Privacy by design
Not only do we demonstrate industry-recommended best practices, but we also take privacy into account during every step of the engineering process – resulting in the most secure set of platform capabilities in the market, including:
- Advanced file permissions
- Anonymized user analytics
- Custom privacy disclaimers when sharing content
- Possibility to revoke access to files shared with users