Compliance at Kissflow
Your data security is our top priority. We’re committed to meet compliance standards
and regulatory standards for Information Security on a continuous basis.
ISO/IEC 27001
The ISO/IEC 27001 is a widely recognized specification for information security management systems (ISMS). It includes details for documentation, management responsibility, internal audits, continuous improvement, corrective and preventive actions.
SOC 1
SOC 1 reports on Controls at Kissflow that are relevant to Customer's Internal Control over Financial Reporting (ICFR). Kissflow has undergone the SOC 1 Type II attestation process where an independent external auditor has audited and attested the effectiveness of controls implemented that are relevant to ICFR.
SOC 2
A SOC 2 report verifies Kissflow’s compliance with a broad range of criteria that the customers can use to gain insights about how Kissflow safeguards customer data. Kissflow has undergone the SOC 2 Type II audit and an independent external auditor has attested the effectiveness of controls implemented.
SOC 3
Kissflow has a SOC 3 report that is similar to a SOC 2 report. A SOC 3 report is a general use report and a more concise version of the SOC 2 report without the detailed description of the controls and the results of the test.
GDPR
The General Data Protection Regulation is an EU law on data protection and privacy of individuals and businesses inside the EU economic area. You can refer to our Privacy policy and Data Processing Addendum that incorporates the latest Standard Contractual Clauses.
HIPAA
The Health Insurance Portability and Accountability Act is a Federal law that prevents sensitive patient health information from being disclosed. Kissflow has a wide range of security controls implemented and can also enter into a Business Associate Agreement with the customers upon request to comply with HIPAA requirements.
CCPA
The California Consumer Privacy Act gives customers control over the personal information collected by the businesses. Kissflow’s privacy practices aligns to the requirements set forth in CCPA.
Qualys SSL
Qualys SSL Labs performs deep analysis of the configuration of any SSL web server on the public Internet. Kissflow has been assigned with the highest rating of A+ for the Web layer.
ISO/IEC 27001
The ISO/IEC 27001 is a widely recognized specification for information security management systems (ISMS). It includes details for documentation, management responsibility, internal audits, continuous improvement, corrective and preventive actions.
SOC 1
SOC 1 reports on Controls at Kissflow that are relevant to Customer's Internal Control over Financial Reporting (ICFR). Kissflow has undergone the SOC 1 Type II attestation process where an independent external auditor has audited and attested the effectiveness of controls implemented that are relevant to ICFR.
SOC 2
A SOC 2 report verifies Kissflow’s compliance with a broad range of criteria that the customers can use to gain insights about how Kissflow safeguards customer data. Kissflow has undergone the SOC 2 Type II audit and an independent external auditor has attested the effectiveness of controls implemented.
SOC 3
Kissflow has a SOC 3 report that is similar to a SOC 2 report. A SOC 3 report is a general use report and a more concise version of the SOC 2 report without the detailed description of the controls and the results of the test.
GDPR
The General Data Protection Regulation is an EU law on data protection and privacy of individuals and businesses inside the EU economic area. You can refer to our Privacy policy and Data Processing Addendum that incorporates the latest Standard Contractual Clauses.
HIPAA
The Health Insurance Portability and Accountability Act is a Federal law that prevents sensitive patient health information from being disclosed. Kissflow has a wide range of security controls implemented and can also enter into a Business Associate Agreement with the customers upon request to comply with HIPAA requirements.
CCPA
The California Consumer Privacy Act gives customers control over the personal information collected by the businesses. Kissflow’s privacy practices aligns to the requirements set forth in CCPA.
Qualys SSL
Qualys SSL Labs performs deep analysis of the configuration of any SSL web server on the public Internet. Kissflow has been assigned with the highest rating of A+ for the Web layer.
