Ace Is watching you
Our Ace takes Lingpad’s security very seriously. He protects your data at any cost and nothing gets past him.
Certifications & Compliance
Payment Card Industry Data Security Standard (PCI DSS)
The PCI DSS helps vendors and businesses to ensure that their payment systems are secure and protected (in the event of breaches and theft). Lingpad uses the PCI DSS certified third-party payment processor Stripe. We do not store any personal financial information like credit card numbers.
Health Insurance Portability and Accountability Act (HIPAA)
Lingpad employs trained employees and business associates who are bound by NDAs and Business Associate contracts to adhere to the HIPAA compliance norms at all times. This means any PHI you share with us is protected from misuse, theft, and unlawful disclosure.
ISO 27001
ISO 27001 certification includes international specifications for Information Security Management System (ISMS). Lingpad is ISO 27001 certified. Our security measures, risk management processes, and data protection policies.
SOC 2 Type 2Coming Soon!
SOC 2 Type 2 certification defines five trust principles for managing consumer data - privacy, security, confidentiality, availability, and integrity. Lingpad’s security measures, privacy policies, and operations are in line with consumer data protection guidelines of SOC 2 Type 2.
General Data Protection Regulation (GDPR)
Lingpad is GDPR compliant. We uphold the highest international data privacy standards and ensure that all our customers' data is safe, secure, and protected. We also have a Data Protection Officer who ensures that the seven principles of GDPR are implemented.
EU-US Privacy Shield
Lingpad complies with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States.
Monitored 24/7/365
Uptime 99.9% or higher
Information Security Controls In Business Operations
Human Resources Security
Lingpad has ethical business practices which reflect when we handpick quality employees. We ensure that they understand the integral role they play in information security and hence, bear certain responsibilities.
Data Encryption
Lingpad encrypts all costumer data to protect it. Our encryption policy ensures all critical data like password, payment details, etc. is always encrypted and protected.
Change management
Lingpad’s servers do not have critical updates older than 30 days as our servers are updated on a monthly basis.
System development and maintenance
At Lingpad, we employ extensive processes for designing, implementing, maintaining, and reviewing our code. We perform regular checks to correct faults, improve performance, and enable the platform to adapt to a different environment.
Business continuity management
Lingpad conducts periodic simulation tests to prepare its infrastructure in case of risk of exposure to any internal and external threats. Redundancy is built into this infrastructure to ensure there’s a backup system in place when the system or a component fails.
Incident response
Lingpad has some incident response procedures in place that are activated once we detect an attack or breach. The system works on containment and recovery. In the meantime, we continue serving customers the way we always do.
System monitoring and alerting
The Lingpad system is monitored 24/7 round the year. Our historical uptime is 99.9% or higher - check here. In case of any critical issues, the DevOps team is alerted immediately.
Access control
Lingpad’s security architecture requires all users to be identified and authenticated via their accounts before accessing customers’ cloud accounts.
Physical and environmental security
We placed certain safeguards to ensure that all the information stored physically is secure and protected. Only authorized personnel can access these assets.
Backups
We conduct automated and encrypted backups of all customer data every day. This data is monitored by operations personnel.
Server and Data
We’ve built the most secure global infrastructure with Amazon Web Services (AWS). Hence, we encrypt all customer data (in-transit) and manage retention. Additionally, our SSL/TLS and AES algorithms make Lingpad fully equipped with secure network communication and a high level of encryption.
Governance, Risk Management, and Compliance (GRC)
Following the GRC approach helps Lingpad employ and encourage good business practices. All our processes and procedures help us achieve our business objectives, tackle any uncertainties, and act with integrity in all our business associations.
Supplier relations
Lingpad takes the appropriate security measures while screening and employing vendors. All vendors sign confidentiality agreements with Lingpad and are monitored to mitigate any risks that may arise.