
Trust Center
PRIVACY AND SECURITY ARE IMPORTANT TO US.
SO IS TRANSPARENCY.
Our Trust Center is your guide to how we collect, use, and protect data. If you have any questions that aren’t answered here, please reach out.
Privacy and Legal Terms
For Site visitors
Suzy.com Privacy Policy
Crowdtap.com Privacy Policy
For Respondents & Global Audiences
Privacy Policy
Terms - coming soon
Manage Your Personal Data
Here's how you can actively manage and control your data.
For Crowdtap Members or Site Visitors
For Non-Crowdtap Respondents
For Clients or Suzy Site Visitors
For Global Audiences
Audits & Governance
We are committed to maintaining high standards of data security and privacy for our customers. To achieve this, we have adopted the Standard Controls Framework (SCF)'s integrated controls model. This framework provides a comprehensive set of controls that cover all aspects of our operations, including data security, privacy, governance, risk management, and compliance.
ISO 27001
ISO 27001 is a globally recognized standard for the establishment and certification of an information security management system (ISMS). Our entire information security program is built on the ISO 27001 framework and we are audited annually.
✓ ISO 27001 certificate
✓ ISO 27001 report
SOC 2 Type 2
Components of the Suzy platform are SOC 2 Type 2 compliant. Suzy undergoes a SOC 2 Type 2 examination of our security controls against the AICPA defined standards on an annual basis with a third party audit firm to ensure the security of our platform.
✓ SOC 2, Type II report
ISO 27701
ISO 27701 is a globally recognized standard for the establishment and certification of a privacy information management system (PIMS) that builds on ISO 27001. Our entire privacy program is being built on the ISO 27701 framework.
✓ ISO 27701 certificate
✓ ISO 27701 report
ISO 42001
ISO 42001 is a globally recognized standard for the establishment and certification of an Artificial Intelligence Management System (AIMS). Our AI governance program is built on the Secure Controls Framework with cross-walk to the ISO 42001 framework, and we are audited annually against ISO 42001 standards.
✓ ISO 42001 certificate
✓ ISO 42001 report
Security
We’re built with a secure foundation and designed with robust compliance features.
Suzy Security Statement
Access control (authentication and authorization)
Data encryption at rest and in transit
Transport Layer Security (TLS) encryption (also known as HTTPS) for all transmitted data
Services hosted by trusted data centers that are independently audited using the industry standard SSAE-18 method
Continuous network and security monitoring
Vulnerability management
Incident response and recovery
Security awareness training
Periodic independent 3rd-party security reviews and penetration testing