At Definite, we prioritize the security and privacy of our users' data. Our commitment is reflected in the following measures:
Definite is SOC 2 Type I certified, demonstrating our adherence to industry-leading security, availability, and confidentiality standards. This certification ensures that we have implemented rigorous controls to protect your data.
We employ industry-standard protocols to encrypt data transmitted between your device and our servers, ensuring protection against unauthorized access.
All stored data is encrypted using robust encryption standards to safeguard your information.
Access to user data is restricted to authorized personnel based on their roles and responsibilities, adhering to the principle of least privilege.
We implement MFA for internal system access to enhance security.
All company-issued devices are configured to comply with our security standards, including data encryption, strong passwords, and automatic locking when idle.
Devices run up-to-date monitoring software to detect and prevent potential malware threats.
We utilize advanced firewalls and continuous monitoring to protect our network infrastructure from unauthorized access and threats.
Our systems undergo regular security audits and assessments to identify and address potential vulnerabilities.
We have a comprehensive incident response plan to address potential security breaches promptly and effectively.
In the event of a data breach, we are committed to notifying affected users in a timely manner, in compliance with applicable laws and regulations.
Personal data is retained only as long as necessary to fulfill the purposes outlined in our Privacy Policy or as required by law.
When data is no longer needed, we ensure it is securely deleted or anonymized.
We conduct thorough assessments of third-party service providers to ensure they meet our security standards.
Any data shared with third-party tools is limited to what is necessary for the specific service or functionality, with a preference for anonymized and aggregated data.
Users are responsible for maintaining the confidentiality of their account credentials and for promptly notifying us of any unauthorized use.
Users must comply with our Terms of Service and Privacy Policy, ensuring that their use of our services does not compromise security.
We provide regular security training to our employees to keep them informed about best practices and emerging threats.
We welcome feedback from our users to help us improve our security measures.
For more detailed information, please refer to our Privacy Policy and Terms of Service.