Brightflag recognizes the importance of maintaining the security and integrity of customer data, and of supporting customers’ compliance requirements through our solutions. To this end, Brightflag maintains a range of industry-standard certifications and authorizations, including:

• SOC 2 Type II (Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy)
• SOC 1 Type II (Controls at a Service Organization Relevant to User Entities’ Internal Control over Financial Reporting)
• ISO 27001:2013 (Information technology — Security techniques — Information security management systems — Requirements)
• General Data Protection Regulation (GDPR)

Access to the Brightflag Trust Center, which includes third-party audit reports and internal policy documents, is available to interested parties under NDA. For access or assistance with completing an information security and compliance questionnaire, please contact your Brightflag representative.