Purchasely Blog

Purchasely is SOC 2 Type II certified: Our commitment to security and confidentiality

Written by Jeff Grang | Jun 28, 2024 8:57:45 AM

Five years ago, with Nicolas and Romain, we founded Purchasely with the vision to revolutionize app conversion funnels and create a new product line that enhances engagement, similar to what mobile CRMs do for user retention. Today, we manage over 15 million subscribers and handle more than 15 billion requests per month.

We achieve this with a select number of applications, as we do not offer free plans. We partner with top apps across various App Store categories, including TomTom, Sleep Cycle, Pango, Wattpad, Muslim Pro, Headspace, and Photoroom. Supporting these high-profile applications requires first-class products, 24/7 availability, and the highest standards of security and confidentiality.

We are proud to announce that Purchasely is now SOC 2 Type II certified, underscoring our commitment to adhering to the highest standards and continuously enhancing our security measures.

What is SOC 2 Certification?

SOC 2 (System and Organization Controls 2) is a certification developed by the American Institute of CPAs (AICPA) to ensure that service organizations manage customer data securely and responsibly. It assesses a company's adherence to five key trust service principles: security, availability, processing integrity, confidentiality, and privacy.

Achieving SOC 2 compliance involves a comprehensive audit by an independent third party, verifying that the company's internal controls and processes meet rigorous standards for protecting sensitive information and maintaining data integrity.

Type I vs. Type II

SOC 2 Type I evaluates the design and implementation of a company’s controls at a specific point in time. It assesses whether the controls are suitably designed to meet the relevant trust service principles.

SOC 2 Type II goes a step further by not only evaluating the design and implementation of controls but also testing their operational effectiveness over a period of time, typically three months to a year. This extended evaluation period provides a more comprehensive assessment of the organization's ongoing commitment to maintaining high standards of data security and integrity.

Beyond Just SOC 2: An “Enterprise Ready” Policy

SOC 2 certification is just one aspect of our comprehensive security strategy. We have enhanced our policies to meet the needs of enterprise-level customers by:

  • Conducting regular penetration tests (at least annually) by a certified and independent security company.
  • Performing employee security training.
  • Regularly testing our incident response and business continuity plans, including reviewing communication methods.
  • Increasing our insurance coverage to over $1 million to cover potential damages.
  • Ensuring compliance with GDPR, CCPA, and COPPA regulations.

Benefits

The benefits of SOC 2 certification extend beyond our customers. It has also strengthened Purchasely as a company through the following:

  • Anonymous Whistleblowing Channel: Promoting a culture of transparency and accountability, even if never used.
  • Employee Performance Evaluation: Enhancing our annual performance reviews with improved interview templates and new focus areas.
  • Board of Directors Charter: Formalizing the conduct of our board meetings, leading to greater efficiency.

These efforts have positioned Purchasely as the most trusted subscription service among large organizations, demonstrating our unwavering commitment to security, confidentiality, and excellence.

Want to learn more about our commitment to security and confidentiality? Visit our security page.