Security and compliance
Communities are built on trust.
We are, too.
The only thing more critical than protecting your organization’s information is protecting your community’s. Both are top priorities for us.
Security and privacy
Data encryption in-transit and at-rest
We work with external partners to independently audit our security architecture and controls. We engage regularly with a penetration testing firm to provide independent assurance that we stay up-to-date with security best practices.
The Right to be forgotten API
We adhere to GDPR and CCPA regulations and provide a programmatic integration to remove all personally identifiable information.
Fine-grained authentication and authorization
We support Single Sign-On and Role-Based Access Control, plus support for SAML and SCIM via multiple identity providers such as Okta, Microsoft Azure Active Directory, and more.
99% uptime SLA
We support communities with over 1.5 million members and offer a 99% uptime SLA with 24/7 uptime monitoring.
All of our integrations are through official APIs and conform to the terms of service of the 3rd party providers, so you never need to worry about compromising data quality or privacy.
We comply with the General Data Protection Regulation, which is a regulation in EU law on data protection and data subject rights for EU residents.
We adhere to the California Consumer Privacy Act, which upholds privacy rights and consumer protection for California residents.
SOC 2 Type 1 and Type 2
Our SOC 2 Type I report shows we understand the necessary security procedures to safely handle customer data, and our Type II report shows we have upheld these standards over a set period of time.
We’re proud to be trusted by leading organizations of all sizes.
Ready to get started? Join thousands of communities powered by Common Room.