Data Security & Compliance
We're committed to protecting your data and privacy with SOC-2 verification, regular penetration testing, compliance reviews and audits.
SOC 2 Type 2 Certified
UserGems is SOC 2 Certified by leading third-party cybersecurity auditors.
UserGems is GDPR compliant as both a Data Processor and a Data Controller. Click HERE to learn more about UserGems and GDPR.
Transit and At Rest encryption
All data within UserGems is encrypted with state of the art encryption. Starting at the moment it is send to us until it is removed from our systems.
All our databases and servers are hosted in AWS or Azure datacenters, secured with multiple layers of state of the art protection: VPC with strict firewall settings, hashed passwords, two factor authentication, intrusion detection systems and much more.
We use OAuth2 to securely authorize other SaaS services and do not store your credentials for those services.
Privacy & Safety Features
You actively decide which data you share with us.
Annual Penetration Testing
Network and greybox penetration tests are performed by a certified third party at least annually.
Internal & External Audits
UserGems is under continuous external audit (SOC 2 Type 2) and has regular internal audits to make sure your data is as safe as possible.
UserGems uses automated back ups which includes geo redundancy and point in time backups to achieve a maximum 24-hour RTO and RPO.