Trust Center

Connecting you to our latest security, compliance, privacy and legal information.

Overview      Security      Privacy      Compliance      Agreements      System Status      Alerts

Compliance


SmartSimple collects, holds, and processes various kinds of data, many of which are confidential, protected, or sensitive information. To protect against unauthorized access, data breaches, and other security threats, we maintain a formalized and rigorous security program designed to ensure the security and integrity of your data.

We are obligated under various data protection legislation to have in place an institutional framework designed to ensure the security of all confidential data during its lifecycle, including clear lines of responsibility.

To assist your compliance and legal teams assess and validating our ability to meet the compliance requirements of your organization we provide self-serve access to the following compliance resources within our Trust Portal.

Third-Party Audits and Certifications
bar-fresh-teal

 

BSI logo

ISO 27001
ISO 27001 is a globally recognized, standards-based approach to security that sets out the specification for an information security management system (ISMS). The ISMS standard takes a best-practice approach that helps organizations in managing their information security environment by focusing on people, processes, and technology.

Validate our ISO 27001 Certification.

 

SOC Reports — Our System and Organizational Controls (SOC) Report provides information about our controls environment and may be relevant to your internal controls.  The purpose of these reports is to help you and your auditors understand our control environment that supports operations and compliance.  The SOC reports are independent assessments of our control environment by a third-party auditor (Deloitte).

 

AICPA logo

SOC 1
The SOC 1 report addresses our internal controls over financial reporting and reports the findings at a particular point in time.

Register to access our SOC report.

 

AICPA SOC 2 logo

SOC 2 Type II
The SOC 2 report is built around defined IT service parameters and examines our controls over the following five Trust Service Criteria: Privacy, Confidentiality, Processing Integrity, Availability, and Security. This report confirms we have the appropriate controls in place and that these controls are functioning over a duration of time.

Register to access our SOC2 report.

 

AICPA SOC 2 logo

SOC 2 + HITRUST Mapping
AICPA and HITRUST have collaborated to guide the mapping of the HITRUST CSF to Trust Services Criteria (specifically to Security, Availability, Privacy, and Confidentiality), enabling a single SOC 2 + HITRUST report.

Register to access this report.

Other Reports
bar-fresh-teal

 

G-Cloud logo

G-Cloud
The G-Cloud framework is a procurement vehicle provided by the UK government that connects cloud-based service providers to public-sector bodies in the United Kingdom.

View our G-Cloud Profile.