At FloQast, trust is woven into the fabric of everything we do. We deploy industry-leading safeguards to maintain the confidentiality, availability, and integrity of your data and our services.
We’re happy to offer the following resources to help your business validate its compliance requirements.
FloQast complies with a range of industry-standard certifications and authorizations. Check out which ones we’re compliant with.
Learn More
In addition to third-party audits, FloQast makes the following documents and resources available to meet our customers’ due diligence needs.
Learn MoreOur Customer FloQast Admins can access our Audit Reports and Compliance Resources directly within the FloQast application, while our Prospects can request a copy of our Audit Reports and Compliance Resources directly from their Account Executive.
Let us know if you have any questions by sending them to [email protected].
FloQast certifies its systems annually to AICPA SOC 1 Type 2, successfully auditing FloQast’s controls relevant for the financial reporting of our customers.
FloQast certifies its systems annually to AICPA SOC 2 Type 2, successfully auditing the operational and security processes of our services and our company.
FloQast is ISO 27001 certified, proving our expertise in securely managing information technology systems.
FloQast is ISO 27701 certified, proving our expertise in managing privacy information.
The Product Security FAQ provides a data flow diagram and frequently asked questions related to integrations and data handling.
At FloQast, we understand the importance of trust in today's digital landscape, and that's why we've gone the extra mile to obtain a SOC 3 report. This report provides a high-level overview of our commitment to data protection, making it easily accessible for those who rely on our services.
Feel free to reach out if you have any questions or would like more information about our SOC 3 report and our commitment to safeguarding your data.
Bridge letters (also known as gap letters) are made available by FloQast to cover the period of time between the end date of the SOC reports and the current date.
FloQast makes our ISO 27001 Statement of Applicability available to customers upon request. The Statement of Applicability states the Annex A controls that FloQast has determined to be necessary for mitigating information security risk and any Annex A controls that have been excluded.
FloQast engages specialist security consulting firms to complete penetration tests on high risk products and infrastructure annually.
FloQast shares our internal privacy and security policies with our customers for full transparency over how we protect and secure our customers’ data.
When you use FloQast, you’re trusting us with your information. This is a big responsibility, so we work hard to protect your information and put you in control.
We will be transparent about what data we collect, why we collect it, and how it’s used. For more information on our privacy practices, visit our Privacy Policy.
FloQast is committed to protecting personal information. Every employee at FloQast is trained on protecting personal information we control or process.
Whether you are a customer or website visitor, we put you in control by disclosing how we collect personal information and the rights you may have to opt-in or opt-out of our data collection practices.
FloQast maintains technical, administrative, and organizational measures designed to prevent accidental destruction, loss, alteration, and protect against unlawful processing of and unauthorized access to personal information.
FloQast has processes to help ensure that requests for access, deletion, and portability can be responded to appropriately and in a timely manner.
Privacy-by-design is a critical component of a proactive privacy program. Our compliance team frequently reviews the product roadmap and provides privacy guidance. Among other practices, FloQast leverages data minimization to help ensure personal data is accurate, complete and only processed to the extent to which it is necessary to meet the specified purposes.
Our clients entrust FloQast with their data, and as such, it is our mission to deliver features that provide resilience, confidence, and trust in our platform. We believe in scaling security through software engineering best practices and automation. We are proud to say that we have invested heavily in our security team and will continue to invest in our team, tooling and our developers who are pushing new features to our customers continuously.
FloQast employs a multi-layered authentication process to ensure only authorized personnel can access sensitive data and systems
Learn More
FloQast ensures security is designed into our product through our secure software development process
Learn More
FloQast has a comprehensive incident response program in place to minimize the impact of security incidents and ensure a prompt and effective response
Learn More
As part of FloQast's ongoing commitment to protecting Customer Data we maintain a bug bounty program that facilitates the efforts of white-hat hackers around the world
Learn MoreAt FloQast we’re always looking to have top talent join our security team. Go check out the open Security roles we have available. If we don’t have a role open that matches perfectly, that’s okay – we’re growing quickly and would still like to hear from you.