As stewards of your data, we use compliance frameworks with supporting materials that verify our capabilities. This makes it easier for you to navigate the complex compliance landscape.
Service Organization Controls (SOC) 2 defines criteria for managing customer data based on five “trust service principles”—security, availability, processing integrity, confidentiality, and privacy. We are annually audited for SOC 2 Type 2 compliance on select trust service principles.
A SOC 1 report validates internal controls of organizations that handle customer data with the potential to impact customer financial reporting and SOX compliance. Zip has been audited for SOC 1 Type 2 compliance.
As part of our commitment to transparency and to simplify the procurement process for our customers, Zip has prepared detailed Privacy Data Sheets designed to provide you with all the information you need to know about how Zip captures, processes and stores your data through the use of the Zip solution.
Where a customer’s use of the Zip solution requires the transfer of personal information outside the European Economic Area or the United Kingdom to a third country, Zip uses the Standard Contractual Clauses (also commonly referred to as EU Model Clauses) and UK International Data Transfer Addendum as legally recognized data transfer mechanisms.