Security at Templafy
Templafy’s security-first approach ensures the strongest privacy and security standards, with optimized controls and processes across everything we do
Service Organization Control 2 (SOC 2)
Templafy's SOC 2 report shows how Templafy securely manages data to protect customer privacy
ISO27001 Information security management
Templafy exceeds the international standards for an information security management system (ISMS)
Service Organization Control 3 (SOC 3)
Download our full SOC 3 report for info on internal controls for security, availability and confidentiality
EU General Data Protection Regulation
Templafy is GDPR compliant as protection of personal data is a top priority. Read more via the link below
ISO27017 Information security management
Templafy's ISO27017 certificate shows how we securely manage data in our cloud as a cloud service provider
We’re committed to continually raising Templafy’s security posture by complying with the highest security standards. We do this to strengthen the resilience of the organization and the solution against an evolving landscape.
Security-first in every aspect
Templafy is powered by enterprise-grade security. We're trusted by 600+ enterprises to meet and exceed industry standards and deliver security across every part of our platform
Application security
Templafy conducts periodic penetration tests and continuously scans vulnerabilities. The software has been developed through a Secure Development Lifecycle methodology.
Backup
Data is backed up continuously on MS Azure. Backups are encrypted and data retention rules apply.
Business continuity and disaster recovery
Templafy is deployed redundantly in primary and secondary Azure data centers. Disaster recovery testing is carried out at least annually.
Data security
Data is encrypted both at rest and in transit. Data is stored in MS Azure in either Europe, US, Australia or Canada. Data retention has been defined and implemented for customer data.
Identity and access management
The application can be accessed through SSO or email authentication. Templafy implements role-based access control. Access to the platform is logged.
Incident management
Templafy has implemented an incident management policy that includes defined processes, roles, communications, responsibilities, and procedures for detection, escalation, and response to incidents internally and to customers.
Organizational security
Templafy has a specific Information Security department managed by the CISO. All Templafy employees are trained on security topics. Prior to employment background checks are carried out.
Physical security
MS Azure is responsible for the physical security of their data center sites. Physical controls are implemented across our office locations.
Privacy
Templafy maintains policies, standards and procedures for privacy. Please see our DPA for more details about privacy in Templafy services.
Templafy's approach to security in our technology
Templafy is a security-first organization with an unwavering commitment to privacy, security, and compliance in all aspects of our product and organization.
To learn more about Templafy and how our platform operates from a technical perspective, take a look at our full selection of articles.
Report security incident
Let us know if you have discovered a vulnerability
Sign up for updates
Get notified on the latest security news