SOC 2 is an auditing standard created by the American Institute of Certified Public Accountants (AICPA) that sets compliance standards for a company’s security controls. We’re proud to be SOC 2 Type II certified with an unqualified opinion covering controls around security, confidentiality, and privacy. Our SOC 2 Type II report is available by request on our Enterprise Plan.
HIPAA (Health Insurance Portability and Accountability Act) guides the way companies handle protected health information (PHI) to ensure proper data security. OneSignal provides a platform to support HIPAA compliance. A Business Associate Agreement (BAA) is available to customers by request on our Enterprise Plan.
The EU-U.S. and Swiss-U.S. Privacy Shield Frameworks were designed to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States in support of transatlantic commerce.
OneSignal’s Privacy Shield Certification.
In May of 2018, the European Union implemented a law for its citizens called the General Data Protection Regulation (GDPR). GDPR addresses the transfer of personal data outside the EU and EEA areas.
The California Consumer Privacy Act (CCPA) is a state statute that is intended to enhance privacy rights and consumer protection for residents of California in the United States. CCPA provides residents with the right to know and control how their personal data is being used by businesses.