Pickle continues to hold high standards for security, process integrity, and confidentiality. We are audited and validated for compliance with the SOC 2 Type II standards.
Pickle hosts all its software in Amazon Web Services (AWS) facilities in the USA. Amazon provides an extensive list of compliance and regulatory assurances, including SOC 1-3, and ISO 27001. See Amazon’s compliance and security documents for more detailed information. 100 percent of Pickle's primary application servers are located within Pickle’s own virtual private cloud (VPC), protected by restricted security groups allowing only the minimal required communication to and between the servers.
All connections to Pickle are encrypted using SSL, and any attempt to connect over HTTP is redirected to HTTPS. All customer data (including call recordings and transcripts) is encrypted at rest and in transit. We rely on AWS infrastructure to securely maintain our cryptographic encryption keys. We use industry-standard, AWS-managed data storage systems and controls.
Our web application strictly adheres to OWASP guidelines, as well as industry best practices. Pickle conducts application penetration testing by a third party at least annually in addition to Pickle's continued internal testing and review program.
Design of all new product functionality is reviewed for security impact, with Pickle conducting mandatory code reviews for all changes to the code. Pickle development and testing environments are separate from its production environment. All code development is done through a standard process.
Vulnerability Disclosure Process – Pickle considers privacy and security to be the core functions of our platform. Earning and keeping the trust of our customers is our top priority; therefore, we hold ourselves to the highest privacy and security standards. If you have discovered a security or privacy issue that you believe we should know about, we would be eager to hear from you.
If you have any unanswered questions, please reach out to us at email@example.com. We will respond to security reports within 24 hours.