Security, Privacy, & Compliance

The security and privacy of your information are taken seriously at Acuity, and we’ll never market to your customers or share your information with others. That’s the abridged version; but, you can read more about it in our privacy policy.

In addition to the steps we take by securing our servers and training our staff about privacy, we also comply with: 

  • EU businesses can sign and return an International Data Transfer Agreement containing the EU Model Clauses. If you prefer to sign digitally, please contact support.
  • Compliance with HIPAA Security Rule and guidance laid out in NIST SP 800-66. Read more about HIPAA.

  • PCI (SAQ C 3.1)

  • Data center is certified SOC 2 Type II

  • Accessibility compliance for section 508, download VPAT

For those of you in the EU who must comply with the General Data Protection Regulation (GDPR), effective May 2018, we are currently in the process of investigating compliance with GDPR. We do anticipate being compliant with GDPR by the effective date, however this is subject to change if any unforeseen issues arise during compliance review.

If you have any questions about security or privacy, please contact support.


Have more questions? Submit a request