Suzy, Inc. Successfully Re-certified for SOC 2 Type 2, Expands Trust Services Criteria to Include Privacy
• • • • • •
Suzy, Inc., a leading consumer insights platform, is pleased to announce its successful recertification of AICPA SOC 2 Type 2. Building on its commitment to security, availability, and confidentiality, Suzy expanded the scope of its audit to test against an additional Trust Services Criteria (TSC) – privacy – further enhancing its dedication to comprehensive data protection and privacy management.
The SOC 2 Type 2 audit is a rigorous evaluation of an organization's information systems relevant to security, availability, confidentiality, and privacy. It is designed in part to ensure that service providers securely manage data to protect the privacy and interests of their clients. This recertification reaffirms Suzy's commitment to these high standards and introduces a new layer of protection by incorporating privacy into the scoped TSC.
“Achieving SOC 2 Type 2 recertification with the addition of the privacy Trust Services Criteria demonstrates our continuous commitment to safeguarding our clients' data,” said Matt Britton, CEO of Suzy, Inc. “As data privacy concerns grow, we are dedicated to ensuring our clients' information is secure and protected.”
In prior years, Suzy's SOC 2 Type 2 certification focused on the TSCs of security, availability, and confidentiality. This year, the inclusion of privacy signifies Suzy's proactive approach to addressing evolving data protection needs and regulatory requirements. The audit involved an extensive review of Suzy's policies, procedures, and controls to verify that they meet the stringent criteria set forth by the American Institute of Certified Public Accountants (AICPA). The audits were conducted by independent, third-party auditors accredited by the ANSI National Accreditation Board (ANAB) to perform SOC certifications.
“Adding privacy to our SOC 2 Type 2 certification underscores our commitment to comprehensive data protection,” said Joel Johnson, EVP Finance & Compliance at Suzy, Inc. “This achievement not only validates our privacy practices but also provides our clients with added confidence in our ability to manage their information responsibly and transparently.”
The successful completion of the SOC 2 Type 2 audit, including the new privacy criteria, highlights Suzy's dedication to continuous improvement and excellence in data protection. By maintaining and expanding its compliance efforts, Suzy ensures that its clients can trust the platform to handle their data with the utmost care and integrity.
For more information about Suzy, Inc. and its commitment to data security and privacy, please visit https://www.suzy.com/trust-center.
This achievement was made possible by the dedicated efforts of Suzy’s internal audit team, co-led by Rachel Harris, Deputy General Counsel, and Andrew Kropf, SVP IT & Security. The team worked diligently to review all necessary protocols, standards, and evidence. Their work was supported by Suzy’s Information Security and Privacy Council, which includes several executive leaders, and contributions from individuals across the company. This collaborative approach underscores Suzy's commitment to upholding high standards of data security and privacy across the organization.
About Suzy
Suzy, Inc. is a leading consumer insights platform that leverages the power of technology to deliver real-time market research and actionable insights. With a mission to connect brands with their consumers, Suzy helps businesses make informed decisions with confidence. For more information, visit www.suzy.com.