Productiv was built with Enterprise-grade security and stability in mind, keeping your data secure and private is one of our core values. Here’s an overview of policies, technical solutions, and controls we employ to help secure your data.
Compliance and Certifications
Following industry best standards and practices, Productiv has the following certifications and compliances: SOC2 Type 2, GPDR, CCPA, and EU-Privacy Shield.
Productiv is a software as a service (SaaS) multi tenant solution built on top of various AWS services. Productiv maintains strict access control for our website, APIs, and backend data stores. All data is encrypted in transit and at rest, using industry standards of TLS 1.2 and AES 256.
Availability & Continuity
Productiv is built with redundancy and availability in mind. You can monitor the uptime of Productiv at status.productiv.com.
We have two logically and physically separated sites within AWS that ensures in the case of a hard down for a single region, or multiple regions–we have a failover to help maintain our SLAs. This failover is tested at least once per year. All production and backup services are hosted within the continental US.
You, the customer, control what data Productiv can access for your employees and applications. This may include employee PII. Typically, to get maximum value out of Productiv’s data analytics, customers provide Productiv access to employee PII including employee first name, last name, corporate email address, office location, and phone number.
Data Retention & Removal
All data is retained in an encrypted state, backed up to 35 days from a point in time. All ingested customer data (e.g. SaaS-app usage metrics) is retained indefinitely unless informed or requested by the customer.
Customers must request data deletion by emailing firstname.lastname@example.org Data is deleted within 90 days from date of received request and notification of completion of deletion is done via email.
Productiv gives you the capability to set up SAML-based authentication for your access into Productiv with popular providers like Okta, OneLogin, MSFT Azure, etc.
Role-Based Access Controls
Productiv comes pre configured with several roles that allow different levels of access to different aspects of the platform. These include controls on financial data, specific apps, or user management.
Productiv is SOC 2 Type 2 Compliant
For more details, our report is available upon request.