Zuddl Trust Center

Start your security review
View & download sensitive information
Ask for information
ControlK

Zuddl Trust Center

Security Overview

At Zuddl, security is built into every layer of our platform. We follow a secure-by-design approach, embedding security controls across infrastructure, application development, and operational processes.

Infrastructure Security
Our platform is hosted on secure cloud infrastructure with strong network controls, encryption, and continuous monitoring to protect against unauthorized access.

Application Security
We implement a Secure Software Development Lifecycle (SSDLC) that includes secure coding practices, code reviews, automated security testing, and dependency scanning to identify and remediate vulnerabilities early.

Access Control
Access to systems and data is restricted based on the principle of least privilege. We enforce role-based access controls (RBAC), Single Sign-On (SSO), and multi-factor authentication (MFA) for critical systems.

Monitoring & Detection
We maintain centralized logging and real-time monitoring to detect suspicious activities. Security events are continuously monitored and investigated.

Security controls are continuously validated through automated scanning, monitoring, and periodic third-party assessments.

Incident Response
We have a formal incident response process to quickly identify, contain, and remediate security incidents, with defined communication and escalation procedures.

Data Privacy

We are committed to protecting personal data and supporting global privacy regulations. Our privacy program is designed to ensure transparency, accountability, and user control over personal data.

Customer data is retained only for the duration of the contract and a defined retention period, after which it is securely deleted.

Data Protection Principles

Data minimization and purpose limitation
Encryption of data in transit and at rest
Strict access controls and monitoring

Data Subject Rights
We support user rights under applicable privacy regulations, including:

Right to access
Right to rectification
Right to deletion
Right to data portability

Cross-Border Data Transfers
We implement appropriate safeguards, including Standard Contractual Clauses (SCCs), to ensure lawful and secure international data transfers.

Subprocessors are reviewed periodically and monitored for compliance with security and privacy requirements.

Compliance

CCPA Logo
CCPA
GDPR Logo
GDPR
ISO/IEC 27001:2022 Logo
ISO/IEC 27001:2022
ISO/IEC 27701:2019 Logo
ISO/IEC 27701:2019
SOC 2 Type 2 Logo
SOC 2 Type 2

Documents

COMPLIANCEISO/IEC 27001:2022
COMPLIANCESOC 2 Type 2
COMPLIANCEISO/IEC 27701:2019
LEGALData Processing Agreement
DOCUMENTSPentest

Risk Profile

Self-Assessments

Product Security

App Security

Data Security

Reports

AI

ESG

Legal

Data Privacy

Access Control

Infrastructure

Endpoint Security

Network Security

Corporate Security

Policies

Security Grades

Incident Response

Risk Management

Asset Management

BC/DR

Training

Change Management

Physical & Environment

Continuous Monitoring

Subprocessors

Knowledge Base (FAQ)
  • How are subprocessors vetted?
  • Do you integrate with third-party tools?
  • Does Zuddl use AI?
  • What is your RTO?
  • What do cookies store?
View more
If you need help using this Zuddl Trust Center, please contact us.
Contact support
If you think you may have discovered a vulnerability, please send us a note.
Report issue
Built onSafeBase by Drata Logo