At Conclude, our commitment to security is integral to our mission of facilitating seamless collaboration across various platforms. We ensure the protection of data through rigorous security measures and compliance with global data protection regulations.
Encryption and Data Protection: Conclude ensures all data transmitted and stored within our platforms is encrypted using HTTPS with TLS 1.2 or higher.
Data at Rest is protected using advanced encryption methods. Specifically, we use AES-256 encryption to secure stored data, ensuring it is safeguarded against unauthorized access and breaches.
Our data storage is secured on Google Cloud Platform with automated backups and point-in-time recovery options.
Minimal Permission Requirement: Conclude is committed to respecting user privacy by never asking for more permissions than are necessary to provide our services. This ensures that only essential data is accessed, aligning with our privacy-first approach and minimizing potential risks.
Enterprise-grade Compliance: Conclude is actively working towards achieving SOC 2 Type II compliance. We are committed to maintaining the security and confidentiality of customer data and are currently undergoing the observation process using the Vanta Trust management platform. This step ensures that we are aligning our procedures and security measures with the rigorous standards required for certification.
Privacy First: We comply with major regulatory frameworks including GDPR, ensuring that personal data is handled with utmost care and only per legal and regulatory requirements.
Robust Infrastructure: Our platform architecture utilizes CloudSQL/PostgreSQL for relational data, Memorystore/Redis for caching, and maintains high-availability configurations to ensure reliability and performance.
Data Processing: We process data strictly to facilitate the functionality of Conclude without storing any personal data beyond what is necessary for transactional integrity and operational requirements.
Sub-processors and Third-Party Interactions: We engage with sub-processors such as Google, Slack Technologies, and Microsoft Corporation to enhance our service offerings, ensuring they adhere to our stringent security and privacy standards. Detailed documentation on sub-processor agreements is available upon request.
Regulatory Compliance and Rights of Data Subjects: Conclude assists in safeguarding the rights of data subjects under GDPR, including access, correction, and erasure of personal data.
Incident Response and Breach Notification: In the unlikely event of a data breach, Conclude is committed to notifying affected parties without undue delay and taking immediate remedial actions to prevent future occurrences.
At Conclude, we believe in full transparency and are committed to upholding the highest standards of data protection and security. For more detailed information about our security practices or to request security documentation, please contact our support team.