SOC2 certification

Product Fruits' is SOC2 Type II Certified: Understand Our Security Precautions


Product Fruits is proud to announce that we are officially SOC2 Type II certified!

Our team has spent hours, brain power, talent, and tried-and-tested protocols to make sure Product Fruits offers a top-notch, data-safe platform for our users.

This certification gives our customers the peace of mind that their data is secure. In this article, we'll explain what SOC2 certification means for our customers, how we got certified, and the benefits of using platforms with SOC2 certification.

What is SOC 2 certification?

First things first, SOC 2 is a security and safety audit developed by the American Institute of CPAs ( AICPA). The certification process involves a third-party auditor thoroughly reviewing the service provider's policies and procedures, as well as its technical infrastructure.

During this process, an audit company assesses how the service provider safeguards customer data and whether it follows internal policies.

The goal of SOC 2 certification is to measure and make sure that SaaS and third-party companies are processing data safely.

  1. Security: The auditor will assess the service provider's security protocols, including data protection from unauthorized access, theft, and malicious activity.
  2. Availability: The auditor will check the service provider's ability to ensure the services' availability and plans for recovering from outages.
  3. Processing integrity: Takes a look at if the processing data is complete and authorized.
  4. Confidentiality: The auditor will review the service provider's policies and procedures to ensure that all confidential data is kept secure.
  5. Privacy: Considers the collection, use, disclosure, and retention of personal information.

To maintain compliance with these standards, Product Fruits undergoes an annual audit. As well as periodic reviews of our systems and processes to protect customer data at all times.

How did we get SOC 2 certified?

To achieve a SOC 2 certification, companies are subject to month-long audits. This means that outside representatives continuously check, monitor, and report on the protocols of each company.

For Product Fruits, the company that performed the audit was CertPro. This meant that for four months, our team worked closely with CertPro to make sure all our security measures and protocols were in place.

For the audit, Product Fruits had to undergo a number of tests, exercises, and questions. Here are some examples:

  • Explanation of how the system works and evidence of processes
  • Data storage and management
  • Passwords protection and end-to-end encryption
  • Management responsibility and continuous education
  • Cloud storage location inspection
  • Questions about management philosophy and ethics
  • Risk assessment and plans

To get certified, we went through all of our processes, like testing our internal systems and checking how they work with customer info. As part of the audit, they did a deep dive into our existing ways of keeping customer data safe.

Benefits of using platforms that are SOC 2 certified?

In the first quarter of 2023, there were more than six million data records exposed due to data breaches worldwide. Yikes.

And with the growth of online transactions, records, and software, the pace of data breaches is unlikely to decrease.

That is why trusting your data with companies that put your security and safety at the forefront is non-negotiable. Using platforms that are SOC 2 Type II certified comes with a myriad of benefits for organizations. From improved customer trust to increased security, these platforms provide an extra layer of protection for sensitive data.

"SOC2 has reinforced the security we demand for our users. The highest quality privacy and confidentiality is a guarantee at Product Fruits, not a question, and we're proud to be able to offer it to all of our clients." Sean Matlock, Support Engineer @ Product Fruits

SOC 2 certification guarantees that the platform is taking the necessary steps to prevent unauthorized access to customer data, while also providing assurance that the platform is providing secure storage, processing, and transmission of data.

That means, when you use a company credited with SOC 2, you understand that sensitive information is being stored securely and handled responsibly.

Ultimately, SOC 2 certification provides businesses with the trust that their sensitive data is in good hands with a commitment to adhere to the highest security standards.

How Product Fruits guarantees security for its customers' data

Apart from the SOC2 audit, we implement rigorous security protocols continuously to protect our customers.

Here are some steps we take to keep your data safe:

Proper employee and management training

We require all our staff members to undergo proper training on how to handle customer data in accordance with existing policies and regulations. Each new employee is given training and a workplace manual on customer data protection and safety.

Conduct regular reviews

We continuously test and audit our systems. This allows us to identify any potential issues before they become major problems. All features, data storage access, and encryption are continuously revised and maintained.

Management risk and philosophy audits

Meetings of upper management are convened to review major matters that impact the business, and to analyze the effectiveness of internal regulations, vendor risk evaluation, hazard assessment, and serious security breaches on an annual basis.

We understand that customer trust is paramount when it comes to safeguarding data, which is why we strive to continually monitor our systems for any potential vulnerabilities or breaches in security so that we can take swift action if needed.

We are proud to protect your data at all times

The certification is a sign of commitment to security and privacy, providing assurance that the company is taking the necessary steps to prevent unauthorized access to customer data.

We comply with GDPR, received ISO27001 certification, and SOC2 compliant.

You can read more about GDPR, security, and user data here.

Customers will be reassured that their sensitive information is being kept safe when dealing with a company that has achieved SOC 2 certification.

This makes sure that customers' data remains protected at all times with advanced encryption technology, firewalls, malware detection systems, access control policies, vulnerability scans, and our rigorous security protocols in place.