At FloQast, trust is woven into the fabric of everything we do. We deploy industry-leading safeguards to maintain the confidentiality, availability, and integrity of your data and our services.
We’re happy to offer the following resources to help your business validate its compliance requirements.
FloQast complies with a range of industry-standard certifications and authorizations. Check out which ones we’re compliant with.
Learn More
In addition to third-party audits, FloQast makes the following documents and resources available to meet our customers’ due diligence needs.
Learn MoreOur Customer FloQast Admins can access our Audit Reports and Compliance Resources directly within the FloQast application, while our Prospects can request a copy of our Audit Reports and Compliance Resources directly from their Account Executive.
Let us know if you have any questions by sending them to [email protected].
FloQast certifies its systems annually to AICPA SOC 1 Type 2, successfully auditing FloQast’s controls relevant for the financial reporting of our customers.
FloQast certifies its systems annually to AICPA SOC 2 Type 2, successfully auditing the operational and security processes of our services and our company.
FloQast is ISO 27001 certified, proving our expertise in securely managing information technology systems.
FloQast is ISO 27701 certified, proving our expertise in managing privacy information.
FloQast is ISO 42001 certified, proving our expertise in managing artificial intelligence use and development.
FloQast has self-certified compliance with the EU-U.S. Data Privacy Framework and the UK extension to the EU-U.S.
FloQast offers easy to use documentation covering topics including AI, Privacy, Security, Data Flow Diagrams, and more.
At FloQast, we understand the importance of trust in today's digital landscape, and that's why we've gone the extra mile to obtain a SOC 3 report. This report provides a high-level overview of our commitment to data protection, making it easily accessible for those who rely on our services.
Feel free to reach out if you have any questions or would like more information about our SOC 3 report and our commitment to safeguarding your data.
Bridge letters (also known as gap letters) are made available by FloQast to cover the period of time between the end date of the SOC reports and the current date.
FloQast engages specialist security consulting firms to complete penetration tests on high risk products and infrastructure annually.
FloQast shares our internal privacy and security policies with our customers for full transparency over how we protect and secure our customers’ data.
FloQast provides an up-to-date SIG Core, aligned with our rigorous controls and processes, ensuring transparency and confidence in our practices.
When you use FloQast, you’re trusting us with your information. This is a big responsibility, so we work hard to protect your information and put you in control.
We will be transparent about what data we collect, why we collect it, and how it’s used. For more information on our privacy practices, visit our Privacy Policy.
FloQast is committed to protecting personal information. Every employee at FloQast is trained on protecting personal information we control or process.
Whether you are a customer or website visitor, we put you in control by disclosing how we collect personal information and the rights you may have to opt-in or opt-out of our data collection practices.
FloQast maintains technical, administrative, and organizational measures designed to prevent accidental destruction, loss, alteration, and protect against unlawful processing of and unauthorized access to personal information.
FloQast has processes to help ensure that requests for access, deletion, and portability can be responded to appropriately and in a timely manner.
Privacy-by-design is a critical component of a proactive privacy program. Our compliance team frequently reviews the product roadmap and provides privacy guidance. Among other practices, FloQast leverages data minimization to help ensure personal data is accurate, complete and only processed to the extent to which it is necessary to meet the specified purposes.
Our clients entrust FloQast with their data, and as such, it is our mission to deliver features that provide resilience, confidence, and trust in our platform. We believe in scaling security through software engineering best practices and automation. We are proud to say that we have invested heavily in our security team and will continue to invest in our team, tooling and our developers who are pushing new features to our customers continuously.
FloQast employs a multi-layered authentication process to ensure only authorized personnel can access sensitive data and systems
Learn More
FloQast ensures security is designed into our product through our secure software development process
Learn More
FloQast has a comprehensive incident response program in place to minimize the impact of security incidents and ensure a prompt and effective response
Learn More
As part of FloQast's ongoing commitment to protecting Customer Data we maintain a bug bounty program that facilitates the efforts of white-hat hackers around the world
Learn MoreFloQast’s AI Principles and Ethical Standards.
We ensure ongoing stakeholder engagement in our AI ethical practices through a leadership-sponsored program and review process. Our dedicated AI Committee and key stakeholders collaborate to guide the responsible development and governance of AI across the organization.
We foster continuous improvement through clear communication channels, a strong compliance culture, and iterative R&D practices. Our teams stay ahead of trends by sharing insights, leveraging state-of-the-art technology, and ensuring alignment with our AI principles to drive innovation responsibly and effectively.
We commit to ethical AI development and use through 6 guiding principles that ensure our AI systems are responsible, transparent, and aligned with our values and stakeholder expectations.
• Risk Identification and Mitigation
• Patterns of Misuse
• AI Governance and Risk Management Policies
• Robust Security Controls
• International Technical Standards
• Data Input Measures and Protections
We prioritize risk management and security through robust programs that underpin our AI Management System and align with industry-leading frameworks. We conduct annual risk assessments following ISO methodologies and ensure our AI practices meet rigorous standards for security and privacy.
We uphold governance and integrity through a comprehensive Data Governance program designed to classify, manage, and protect data effectively. This ensures responsible data use and alignment with our commitment to ethical and transparent practices.
We prioritize customer trust with rigorous internal programs validated by third-party attestations. Our commitment ensures customers can confidently rely on our platform for processing their most sensitive data.