Service Organization Control (SOC) 2 Report:
CardinalOps undergoes an annual SOC 2 Type II audit, which demonstrates our commitment to meeting the most rigorous security, privacy and confidentiality standards in the industry.
The audit verifies that CardinalOps’ security controls are in accordance with the AICPA Trust Services Principles and Criteria.
Our SOC 2 Type II report is available upon request.
CardinalOps’ service is hosted on AWS, which also holds a SOC 2 Type II report.
At CardinalOps, we are committed to the protection of our customers’ information. We employ robust security measures and periodically assess their effectiveness, making sure we adhere to the requirements of the General Data Protection Regulation (GDPR).
The GDPR governs the privacy rights granted to European individuals and requires certain companies that process the personal data of European individuals to comply with a new set of regulations. In particular, the GDPR may apply to companies that process the personal data of European individuals and have a presence in the EU (e.g. offices or establishments) and to companies that do not have any presence in the EU but target the European market (e.g. by offering goods or services to the European market) or monitor the behavior of European individuals.
When we process personal information that is subject to the GDPR (which occurs in our capacity as a “data processor” on behalf of our customers), we knowingly collect only data that is necessary for us to provide our service, we process it securely and work with GDPR-compliant third parties, and as part of our unwavering dedication to protect our clients’ personal data, we continuously act to ensure that our practices align with the GDPR principles.