Ace Is Watching You
Our Ace takes Lingpad’s security very seriously. He protects your data at any cost and nothing gets past him.
Certifications & Compliance
SOC 2 Type 2
SOC 2 Type 2 certification defines five trust principles for managing consumer data - privacy, security, confidentiality, availability, and integrity. Lingpad’s security measures, privacy policies, and operations are in line with consumer data protection guidelines of SOC 2 Type 2.
Payment Card Industry Data Security Standard (PCI DSS)
The PCI DSS helps vendors and businesses that their payment systems are secure and protected (in the event of breaches and theft). Lingpad uses the PCI DSS certified third-party payment processor Stripe. We do not store any personal financial information like credit card numbers.
ISO 27001 and ISO 27017 Coming Soon!
ISO 27001 certification includes international specifications for Information Security Management System (ISMS). Lingpad is ISO 27001 certified, along with its extension - ISO 27017 - for cloud service providers. Our security measures, risk management processes, and data protection policies.
Health Insurance Portability and Accountability Act (HIPAA)
HIPAA is a federal law in the United States that specifies the national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge. Lingpad employs trained employees and business associates who are bound by NDAs and Business Associate contracts to adhere to the HIPAA compliance norms at all times. This means any PHI you share with us is protected from misuse, theft, and unlawful disclosure.
General Data Protection Regulation (GDPR)
Lingpad is GDPR compliant. We uphold the highest international data privacy standards and ensure that all our customers' data is safe, secure, and protected.
EU-US Privacy Shield
Lingpad complies with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks. Designed by the U.S. Department of Commerce, European Commission, and Swiss Administration, the framework to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States.
Uptime 99.9% or higher
Information Security Controls In Business Operations
Human Resources Security
Lingpad has ethical business practices which reflect when we handpick quality employees. We ensure that they understand the integral role they play in information security and hence, bear certain responsibilities.
Lingpad encrypts all costumer data to protect it. Our encryption policy ensures all critical data like password, payment details, etc. is always encrypted and protected.
Lingpad’s servers do not have critical updates older than 30 days as our servers are updated on a monthly basis.
System development and maintenance
At Lingpad, we employ extensive processes for designing, implementing, maintaining, and reviewing our code. We perform regular checks to correct faults, improve performance, and enable the platform to adapt to a different environment.
Business continuity management
Lingpad conducts periodic simulation tests to prepare its infrastructure in case of risk of exposure to any internal and external threats. Redundancy is built into this infrastructure to ensure there’s a backup system in place when the system or a component fails.
Lingpad has some incident response procedures in place that are activated once we detect an attack or breach. The system works on containment and recovery. In the meantime, we continue serving customers the way we always do.
System monitoring and alerting
The Lingpad system is monitored 24/7 round the year. Our historical uptime is 99.9% or higher - check here. In case of any critical issues, the DevOps team is alerted immediately.
Lingpad’s security architecture requires all users to be identified and authenticated via their accounts before accessing customers’ cloud accounts.
Physical and environmental security
We placed certain safeguards to ensure that all the information stored physically is secure and protected. Only authorized personnel can access these assets.
We conduct automated and encrypted backups of all customer data every day. This data is monitored by operations personnel.
Server and Data
We’ve built the most secure global infrastructure with Amazon Web Services (AWS). Hence, we encrypt all customer data (in-transit) and manage retention. Additionally, our SSL/TLS and AES algorithms make Lingpad fully equipped with secure network communication and a high level of encryption.
Governance, Risk Management, and Compliance (GRC)
Following the GRC approach helps Lingpad employ and encourage good business practices. All our processes and procedures help us achieve our business objectives, tackle any uncertainties, and act with integrity in all our business associations.
Lingpad takes the appropriate security measures while screening and employing vendors. All vendors sign confidentiality agreements with Lingpad and are monitored to mitigate any risks that may arise.