Data security — it’s increasingly becoming a top concern for consumers. A 2022 Ipsos poll found 84% of Americans reported being concerned about the safety and privacy of their data. And with recent breaches from big names like Microsoft, News Corp, and Red Cross, it’s easy to see why.
But businesses and service providers can actually use this growing concern to their advantage.
How?
By partnering with vendors that take data security seriously.
At WhatConverts, we know data security is at the top of your clients’ minds. It’s why we’re proud to announce that we’ve successfully earned SOC 2 Type 2 compliance, one of the most stringent measures of data security.
84%
of Americans reported being concerned about the safety and privacy of their data.
Here’s a brief breakdown of SOC2 Type 2 compliance and what it means for you, your clients, and your business as a whole.
What is SOC 2 Type 2 Compliance?
First things first, let’s go over what SOC 2 Type 2 is.
Developed by the American Institute of Certified Public Accountants (AICPA), SOC 2 is a type of Service Organization Control (SOC) audit. These audits examine the risks associated with using a service provider by reporting on their use of industry best practices. SOC 1 focuses on financial controls, while SOC 2 is more concerned with information security, confidentiality, and privacy.
For a service provider to be SOC 2 Type 2 compliant, they need to follow exceptionally rigorous data security control processes. They also need to pass examination from an independent CPA firm.
Control factors considered during SOC 2 Type 2 audits include:
- Penetration Testing by a third-party cyber-security firm to ensure that the security posture of our services is uncompromised.
- Vault-Locked Data Backups to protect from ransomware attacks.
- Encryption at Rest of all databases and Encryption in Transit to ensure that data remains hidden from or inaccessible to unauthorized users.
- Vulnerability Scanning of our application to actively monitor for threats.
SOC 2 Type 2 vs. Type 1
There are two types of SOC2 audits: Type 1 and Type 2.
Type 1 is designed to examine internal control procedures at a single point in time. For instance, a Type 1 examination may look at how a service provider stores passwords in their system at the time of testing.
Type 2, on the other hand, is even more involved. These audits take place over a large stretch of time—usually over the course of 6 months. As a result, measures are tested more extensively. And certification gives a more complete picture of a service provider’s data security practices.
Why Is SOC 2 Type 2 Important for You (and For Us)?
So, why does all this matter? And what does WhatConverts’ SOC 2 Type 2 certification mean for your business?
There are a few things at play here:
- Greater Customer Confidence – A whopping 91% of consumers say they’re more likely to trust companies that show a real commitment to protecting their customers’ information. When your marketing agency works with SOC 2 Type 2 certified vendors like WhatConverts, it proves you care about data security too.
- Aligned Values – Customers want to align with companies that reflect similar values. Being a good steward of personal data shows you take protecting personal information just as seriously as your customers. And that’s a fantastic way to build loyalty.
- More Transparency – The completion of this examination exemplifies WhatConverts’ commitment to its users to provide unfiltered information about the effectiveness of our internal controls. For you, that means building trust by working with partners that are open and transparent.
- Sets a New Industry Standard – As greater numbers of service providers seek data security certification, it becomes less of a “nice to have” and more of a necessity. And that can lead to serious shifts in the industry as a whole towards being better stewards of customer data.
91%
of consumers say they’re more likely to trust companies that show a real commitment to protecting their customers’ information.
Other Security Measures We Use to Keep Your Data Safe
While earning SOC 2 Type 2 compliance is a major win, it’s just one part of our overall security plan, which includes the following:
We take pride in the level of data security we provide for marketing agencies like yours. Not because we have to. But because it’s the right thing to do.
What Are the Standards for Gaining SOC 2 Type 2 Certification?
Gaining SOC 2 Type 2 certification is no easy process.
First and foremost, service providers must be audited by an independent CPA firm. At WhatConverts, we partnered with Prescient Assurance LLC, a leading provider of attestation and compliance services.
Prescient conducted an independent and thorough audit of WhatConverts’ servers, systems, and products from July 15, 2022, to January 15, 2023. It was also conducted under the SOC 2 compliance framework provided by the American Institute of Certified Public Accountants.
To gain certification, a service provider must be tested against one or more of the AICPA’S Five Trust and Integrity Principles:
- Security – Information and systems are protected against unauthorized access, unauthorized disclosure of information, and damage to systems that could compromise the availability, integrity, confidentiality, and privacy of information or systems and affect the entity’s ability to meet its objectives.
- Availability – Information and systems are available for operation and use to meet the entity’s objectives.
- Processing Integrity – System processing is complete, valid, accurate, timely, and authorized to meet the entity’s objectives.
- Confidentiality – Information designated as confidential is protected to meet the entity’s objectives.
- Privacy – Personal information is collected, used, retained, disclosed, and disposed to meet the entity’s objectives.
WhatConverts’ successful SOC 2 Type 2 examination focused on the Security Principle, which tested our information and systems against more than 100 different control factors over the course of several months.
Consequently, we’ve been certified as being thoroughly protected against unauthorized access, disclosure of information, and damage to systems.
Our Commitment to Your Security
We understand the importance of data security. Not just for our clients, but for their customers as well.
That’s why we hold our commitment to keeping your information secure as our highest priority. We’re serious about data security. Because your customers are too.
We plan to follow through on that commitment to earning your trust by:
We’re proud to say our earning of SOC 2 Type 2 certification is just one step in creating a more secure industry for your customers. Because we built WhatConverts to empower you to be more successful without ever having to compromise your (or your customers’) data security.
Call Tracking
Form Tracking
Chat Tracking
eCommerce
Agencies
Marketers
Franchises
Businesses
Hospitality
Finance and Insurance
Real Estate
Automotive
Health and Wellness
Doctors and Medical
Dental
Plastic Surgeons
Education
HVAC and Plumbing
Lawyers
Manufacturing
AgencyAnalytics
Google Ads
Acuity Scheduling
Squarespace
Zoho CRM
Salesforce
Intercom
Google Analytics
Facebook Ads
Pipedrive
Livechat
WooCommerce
Over 1000 integrations
Help Center
Blog
API for Developers
Webinars
Schedule a Demo
System Status 100%
