Compliance and Certifications

We’re building a data platform that scales with the growth in volume and demands for data — and meets the growing need, complexity, and importance of data security. As part of our commitment to security standards, we’re actively pursuing SOC2 Type 2 certification. We’re currently in the audit period, and aim to achieve certification by March 2021

Our Principles

Earn trust

Good security is at the core of earning trust. We’re always working to enhance and improve our data security for clients who rely on us to secure the data that drives their business decisions.

Client data first

By design, bipp does not store client data. Our data platform sits on top of your existing database, using a secure connection to directly query your data warehouse.

Your data, your controls

We give our clients the controls they need to protect, govern, and access their data, with fine-grained project/dataset/data model level, group level and role level control.

End-to-end platform and data security

We employ strong encryption for data at rest and in transit while adhering to the most stringent software development security and training programs. We’re constantly working to protect our customers’ data and routinely patch our systems. bipp undergoes regular penetration testing by third party experts to ensure the platform’s design and functionality. Additionally, we monitor over 100 security controls, from employee onboarding to vulnerability scanning.

Data protection and access controls

Security at bipp is not a one-time activity. True protection comes through our security strategy that covers all aspects of our business. We commit to constantly investing in new ways to protect your data and our platform. bipp uses secure connections to any modern data warehouse while respecting existing role-based access. Beyond these basics, we also support Single Sign-On (SSO) and multi-factor authentication to govern and audit data access. Our enterprise clients can also control access to sensitive information using row and column level security.

Privacy by design

We are responsible for protecting our customers’ data and individual data privacy rights and believe that frameworks such as GDPR and CCPA are beneficial for protecting the information of individuals. Through data source-level granular access controls and user account restrictions, customers can tightly control what information is accessible to - and through - bipp.

For more information, please see our Security Statement, Privacy Policy and Terms-of-Service. If you have a question, concern or believe you may have identified an issue, please contact us at security@bipp.io.