In addition to the steps we take by securing our servers and training our staff about privacy, we also:
- Have taken steps to comply with the EU’s General Data Protection Regulation (GDPR). Read more here.
- Comply with HIPAA Security Rule and guidance laid out in NIST SP 800-66. Read more about HIPAA.
- Support the use of Strong Customer Authentication for all Stripe payments in support of the second on Payment Services Directive (PSD2).
- Comply with PCI (SAQ C 3.1)
- Have a data center that is certified SOC 2 Type II.