Trust Center

PRIVACY AND SECURITY ARE IMPORTANT TO US.
SO IS TRANSPARENCY.

Our Trust Center is your guide to how we collect, use, and protect data. If you have any questions that aren’t answered here, please reach out.

 

Privacy and Legal Terms

For Site visitors


Suzy.com Privacy Policy
Crowdtap.com Privacy Policy

For Respondents & Global Audiences

For Respondents & Global Audiences

Privacy Policy
Terms - coming soon

Manage Your Personal Data

Here's how you can actively manage and control your data.

For Crowdtap Members or Site Visitors

Privacy Request Form
Privacy Rights
Privacy Controls

For Non-Crowdtap Respondents

Privacy Request Form

For Clients or Suzy Site Visitors

Privacy Request Form
Privacy Rights
Privacy Controls

Audits & Governance

We are committed to maintaining high standards of data security and privacy for our customers. To achieve this, we have adopted the Standard Controls Framework (SCF)'s integrated controls model. This framework provides a comprehensive set of controls that cover all aspects of our operations, including data security, privacy, governance, risk management, and compliance.

ISO 27001

ISO 27001 is a globally recognized standard for the establishment and certification of an information security management system (ISMS). Our entire information security program is built on the ISO 27001 framework and we are audited annually.

✓ ISO 27001 certificate
✓ ISO 27001 report

SOC 2 Type 2


Components of the Suzy platform are SOC 2 Type 2 compliant. Suzy undergoes a SOC 2 Type 2 examination of our security controls against the AICPA defined standards on an annual basis with a third party audit firm to ensure the security of our platform.

✓ SOC 2, Type II report

ISO 27701


ISO 27701 is a globally recognized standard for the establishment and certification of a privacy information management system (PIMS) that builds on ISO 27001. Our entire privacy program is being built on the ISO 27701 framework.

✓ ISO 27701 certificate
✓ ISO 27701 report

For Respondents & Global Audiences

ISO 42001

ISO 42001 is a globally recognized standard for the establishment and certification of an Artificial Intelligence Management System (AIMS). Our AI governance program is built on the Secure Controls Framework with cross-walk to the ISO 42001 framework, and we are audited annually against ISO 42001 standards.

✓ ISO 42001 certificate
✓ ISO 42001 report

Security

We’re built with a secure foundation and designed with robust compliance features.

Suzy Security Statement
Access control (authentication and authorization)
Data encryption at rest and in transit
Transport Layer Security (TLS) encryption (also known as HTTPS) for all transmitted data
Services hosted by trusted data centers that are independently audited using the industry standard SSAE-18 method
Continuous network and security monitoring
Vulnerability management
Incident response and recovery
Security awareness training
Periodic independent 3rd-party security reviews and penetration testing

Status

Suzy's status page for real-time and historical data on system performance.

 

Access our Trust Portal

Looking to vet our compliance posture as part of your RFP or third party risk management process? Visit our Trust Portal where you can request access to an in-depth overview of the security of our products, the privacy and data protection measures we use, and the documentation that supports our compliance posture.