ClearlyRated Data Security

We're Serious About Data Protection

We'd love to tell you all the reasons why you can trust us with your data. But, honestly, you shouldn’t just take our word for it. Many service firms expose themselves to unnecessary risk by neglecting to ask the right security questions of the vendors to whom they entrust their data. Our advice: make sure that your technology providers can demonstrate third-party proof of their commitment to securing your data! You can find ours below.

SOC 2 Type 1 Audit

We completed our SOC 2 Type 1 audit in 2022 with AICPA member firm Perkins Accounting. The full audit report is available upon request. 

Rackspace Server Hosting

Our application runs on managed systems from Rackspace, out of their Chicago datacenter. You can review the full suite of certifications, audits, and processes of that datacenter on the Rackspace website: https://www.rackspace.com/about/data-centers/chicago

Security Scorecard

This 3rd party continuously scans our systems for configurations that would make them vulnerable to a security breach. They provide us an overall security grade, as well as grades within each security category they monitor.

Corporate Security Awareness Training

We work with a leading security solutions provider to provide continuous 3rd party security awareness training and testing of our employees. A summary of our current security culture score is available by request.

Corporate Network and Device
Security

We work with a suite of 3rd party security professionals to continuously monitor our entire corporate network infrastructure and all endpoint devices for vulnerabilities and intrusions. A summary of these providers and what they do for us is available by request.

Independent Application Penetration Testing

We annually commission an independent penetration test of our application based on the secure application development framework from OWASP, which includes full access to application source code. A summary of the most recent penetration test and remediation efforts are available by request.

 

In addition to the above, we are compliant with all of the following regulatory actions and governing bodies: GDPR using SCC, EU-U.S. and Swiss-U.S. Privacy Shield Framework, CAN-SPAM Act, Telephone Consumer Protection Act (TCPA), Canada’s Anti-Spam Legislation (CASL), California Consumer Privacy Act (CCPA), and California Privacy Rights Act (CPRA). You can read ClearlyRated's Privacy Policy here.

Have more security questions? Want to request one of our security reports?

Contact us by filling out this form and we'll get back to you as soon as possible!