Chimpanion Logo
Back to Home

Data Security

Last Updated: March 10, 2025

Our Commitment to Security

At Chimpanion, we understand that the security and confidentiality of your data are critical. We've built our AI-powered onboarding assistant with security as a foundational principle, not an afterthought. This page outlines our comprehensive approach to protecting your information.

Our security program is designed to meet the highest industry standards and is regularly reviewed and updated to address emerging threats and vulnerabilities.

Security Infrastructure

Secure Cloud Infrastructure

Chimpanion is built on enterprise-grade cloud infrastructure with multiple layers of security controls. Our systems are hosted in SOC 2 Type II and ISO 27001 certified data centers with 24/7 physical security, redundant power systems, and environmental protections.

Data Encryption

We implement encryption in transit and at rest to protect your data:

  • All data transmitted between your systems and Chimpanion is encrypted using TLS 1.2+ with strong cipher suites
  • Data stored in our databases is encrypted using AES-256 encryption
  • Encryption keys are managed using a secure key management system with regular rotation

Network Security

Our network is protected by multiple security layers:

  • Enterprise-grade firewalls and intrusion detection systems
  • DDoS protection to ensure service availability
  • Regular vulnerability scanning and penetration testing
  • Web application firewalls to protect against common web attacks

Access Controls

Principle of Least Privilege

We follow the principle of least privilege, ensuring employees only have access to the specific data and systems necessary for their job functions. Access rights are regularly reviewed and updated when roles change.

Strong Authentication

We enforce strong authentication practices:

  • Multi-factor authentication (MFA) for all employee access to systems
  • MFA available for all customer accounts
  • Single sign-on (SSO) integration options for enterprise customers
  • Strict password policies with regular rotation requirements

Data Handling

Data Segregation

Customer data is logically segregated to ensure that one customer's data cannot be accessed by another customer. Our multi-tenant architecture is designed with strong isolation controls.

Backup and Recovery

We maintain regular backups of all customer data:

  • Automated daily backups with point-in-time recovery options
  • Backup data is encrypted and stored in geographically separate locations
  • Regular backup restoration tests to ensure recoverability

Incident Response

We have a comprehensive incident response plan that includes:

  • 24/7 monitoring for security events
  • Defined procedures for identifying, containing, and remediating security incidents
  • Regular incident response drills and tabletop exercises
  • Transparent communication with affected customers in the event of a breach

Compliance and Certifications

Chimpanion maintains compliance with industry standards and regulations:

  • SOC 2 Type II certified
  • GDPR compliant
  • CCPA compliant
  • HIPAA compliant (for customers in healthcare)
  • Annual third-party security assessments

Our compliance documentation is available to customers under NDA. Please contact your account representative for more information.

Employee Security

Our security program extends to our team members:

  • Background checks for all employees
  • Comprehensive security training during onboarding and regularly thereafter
  • Security awareness programs to keep security top-of-mind
  • Clear security policies and procedures

AI Security

As an AI-powered platform, we take additional measures to ensure the security of our AI systems:

  • Regular auditing of AI training data to prevent bias and security vulnerabilities
  • Strict controls on AI model access and deployment
  • Continuous monitoring of AI system behavior for anomalies
  • Ethical AI use policies and governance

Security Assurance

We're committed to maintaining transparency about our security practices:

  • Regular security updates to customers
  • Vulnerability disclosure program
  • Security whitepapers and documentation available upon request

For more detailed information about our security program or to report a security concern, please contact our security team at security@chimpanion.com.