Compliance at Kissflow

Your data security is our top priority. We’re committed to meeting compliance and regulatory
standards for information security on a continuous basis.

ISO/IEC 27001

ISO/IEC 27001 is a widely recognized specification for information security management systems (ISMS). It includes details for documentation, management responsibility, internal audits, continuous improvement, and corrective and preventive actions.

SOC 1

A SOC 1 report covers the controls at Kissflow that are relevant to a customer's Internal Control over Financial Reporting (ICFR). Kissflow has undergone the SOC 1 Type II attestation process, in which an independent external auditor has audited and attested to the effectiveness of the implemented controls that are relevant to ICFR.

SOC 2

A SOC 2 report verifies Kissflow’s compliance with a broad range of criteria that customers can use to gain insight into how Kissflow safeguards customer data. Kissflow has undergone the SOC 2 Type II audit, and an independent external auditor has attested to the effectiveness of the implemented controls.

SOC 3

Kissflow has a SOC 3 report, which is similar to a SOC 2 report. A SOC 3 report is a general-use report and a more concise version of the SOC 2 report, without the detailed description of the controls and the results of the test.

GDPR

The General Data Protection Regulation is an EU law on data protection and privacy of individuals and businesses inside the EU economic area. You can refer to our Privacy Policy and Data Processing Addendum, which incorporates the latest Standard Contractual Clauses.

HIPAA

The Health Insurance Portability and Accountability Act is a federal law that prevents sensitive patient health information from being disclosed. Kissflow has a wide range of security controls implemented and can also enter into a Business Associate Agreement with customers upon request to comply with HIPAA requirements.

CCPA

The California Consumer Privacy Act gives customers control over the personal information collected by businesses. Kissflow’s privacy practices align with the requirements set forth in the CCPA.

Qualys SSL

Qualys SSL Labs performs deep analysis of the configuration of any SSL web server on the public Internet. Kissflow has been assigned the highest rating of A+ for the web layer.

Google API Disclosure

Kissflow’s use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Questions about compliance programs and how we handle your data?