Enterprise Security with People.ai

People.ai is transparent with our customers and prospective customers on our security and privacy controls around their data. We collaborate with our customers in order to build trust and ensure that our customers maintain a level of comfort in sharing data with People.ai. People.ai completes an annual SOC 2 certification as well as ISO 27001 certification, both of which are available to all customers. In addition to these certifications, People.ai has also completed a Google OAuth Verification and CSA STAR Level 1 Attestation. People.ai also maintains a Status Page with updates on the People.ai application that customers can subscribe to for alerts on any potential issues.

All data provided to People.ai by our customers is encrypted at rest and in transit within the boundaries of the People.ai environment. Customer data in our systems is protected from loss, misuse, and unauthorized access, disclosure, alteration, and destruction.

People.ai has implemented an incident response program in line with ISO 27001 to identify, investigate, and remediate any potential security incidents. People.ai partners with customers to provide transparency in our incident response process and to work with customers in the event of a security incident impacting their services.

People.ai provides a 99.5% uptime SLA by running in a highly available AWS environment, including the use of AWS Shield for DDoS protections.

We’re compliant with GDPR and CCPA. Please visit the People.ai Privacy Statement for more information.

People.ai performs continuous risk assessments in line with ISO 27001 requirements to ensure an ongoing and comprehensive view of overall risk, including fraud risk. We also continuously monitor our environment to ensure that vulnerabilities are identified and remediated in accordance with CVSS scores and potential impacts to the People.ai environment.

Amazon Web Services is our IaaS hosting partner, providing leading-edge physical security and environmental controls that protect the data entrusted to People.ai by our customers. We have also implemented extensive security measures on endpoint devices and at office locations to ensure that sensitive information is accessed and viewed only by those with the proper credentials and business need.

People.ai understands that who we choose as our third-party suppliers and vendors has a direct impact on our customers and the trust we have built with them. We strive to ensure that any third-party vendors or suppliers meet or exceed our expectations when it comes to security and privacy controls. A list of the People.ai sub-processors and vendors can be found here.