A Sub-Processor is a third party data processor engaged by a Data Processor who has or will have access to or process personal data from a Data Controller.
Is Scoop SOC2 Compliant?
Yes, Scoop is SOC2 Type II and SOC3 compliant. To access our reports contact security@takescoop.com
Is your data encrypted?
Data is encrypted in transit between the public internet and Scoop's networks in AWS (TLS 1.2). Data is also encrypted at rest using AWS-managed keys. User passwords are encrypted (salted and hashed) using modern encryption libraries, and multi-factor authentication is required for every account. Data submitted by clients is heavily validated for correctness, and system logs strive to never include sensitive information
What data do you store?
For full information on the data Scoop collects, how we use it and how we protect your privacy please see our privacy policy.
Is Scoop GDPR Compliant?
Yes, Scoop is GDPR compliant, however we currently only support data residency in the United States. Download Scoop's data processing agreement here.
Where can I find the list of Data Subprocessors?
You can navigate to to see the most recent list of data sub processors at Scoop Sub Processors.
Can you provide a pen test report?
The latest penetration test report can be provided to customers by emailing security@takescoop.com.
How can I report Security issues?
We review security issues as soon as possible and you can report them by emailing security@takescoop.com.
An automation-led approach allows us to confidently prove our security and compliance posture any day of the year and fosters a culture of compliance.