Customer Trust Center
Security and privacy of our customer’s data is our number one priority. Spin.AI is committed to ensuring that our security and privacy controls meet or exceed security best practices and regulatory requirements.
We meet security requirements by storing data on trusted cloud providers, encrypting each piece of data we store, and applying best practices of access control.
SpinOne platform helps clients comply with the existing rules and regulations like HIPAA, CCPA, and others.
While Spin does not have direct access to customers’ data, we are committed to supporting our customers’ regulatory, legal, and contractual requirements. Spin conducts periodic compliance assessments to ensure compliance with the following regulations:
The General Data Protection Regulation (GDPR)
The Health Insurance Portability and Accountability Act (HIPAA)
The California Consumer Privacy Act (CCPA)
The Payment Card Industry Data Security Standard (PCI-DSS)
Any identified compliance gaps are documented, reported to the Security Council, and monitored until addressed.
To support our customers’ compliance requirements, Spin signs Business Associate Agreements (BAA) and Data Processing Addendum (DPA) when necessary.
Disclaimer: Spin.AI isn’t providing legal advice, customers act on their own volition, and are responsible for ensuring their own compliance with applicable laws and regulations.
SpinOne has EU and US certificates to assure the privacy, confidentiality, security, processing integrity, and availability of customer data.
EU-US Privacy Shield
Data Privacy Practices Compliant
Spin is certified under the EU-US Privacy Shield, and our certification can be validated at the Privacy Shield website:
Although the Court of Justice of the European Union issued a judgment in July 2020 declaring the European Commission Decision 2016/1250 as invalid (on the adequacy of the protection provided by the EU-US Privacy Shield), this decision does not relieve participants in the EU-US Privacy Shield of their obligations under the framework, and Spin maintains its Privacy-Shield certification.
SOC 2 Type II
Trust Services Principles
To assure our customers of the effectiveness of Spin’s controls implemented to protect customers’ data, Spin undergoes a SOC 2 Type II audit and issues the audit report on an annual basis.
The report is available to our existing and potential customers upon a formal request and signing of a Non-Disclosure Agreement (NDA).
Please contact our Support Team or your sales point of contact to request a copy of the report.
Start Making the Most of Your SaaS Security
It only takes a few steps to get started with our free demo.