Data Security & Compliance

We're committed to protecting your data and privacy with SOC-2 verification, regular penetration testing, compliance reviews and audits.
GDPR
SOC 2 Type 2
CCPA

SOC 2 Type 2 Certified

UserGems is SOC 2 Certified by leading third-party cybersecurity auditors.

GDPR Compliant

UserGems is GDPR compliant as both a Data Processor and a Data Controller. Click HERE to learn more about UserGems and GDPR.

Transit and At Rest encryption

All data within UserGems is encrypted with state of the art encryption. Starting at the moment it is send to us until it is removed from our systems.

Database Security

All our databases and servers are hosted in AWS or Azure datacenters, secured with multiple layers of state of the art protection: VPC with strict firewall settings, hashed passwords, two factor authentication, intrusion detection systems and much more.

Integrations Security

We use OAuth2 to securely authorize other SaaS services and do not store your credentials for those services.

Privacy & Safety Features

You actively decide which data you share with us.

Annual Penetration Testing

Network and greybox penetration tests are performed by a certified third party at least annually.

Internal & External Audits

UserGems is under continuous external audit (SOC 2 Type 2) and has regular internal audits to make sure your data is as safe as possible.

Data Recovery

UserGems uses automated back ups which includes geo redundancy and point in time backups to achieve a maximum 24-hour RTO and RPO.

Help your teams hit their revenue targets with secured and compliant data