Ace Is Watching You

Our Ace takes Lingpad’s security very seriously. He protects your data at any cost and nothing gets past him. 

Certifications & Compliance

SOC 2 Type 2

SOC 2 Type 2 certification defines five trust principles for managing consumer data - privacy, security, confidentiality, availability, and integrity. Lingpad’s security measures, privacy policies, and operations are in line with consumer data protection guidelines of SOC 2 Type 2.

Payment Card Industry Data Security Standard (PCI DSS)

The PCI DSS helps vendors and businesses that their payment systems are secure and protected (in the event of breaches and theft). Lingpad uses the PCI DSS certified third-party payment processor Stripe. We do not store any personal financial information like credit card numbers.

ISO 27001 and ISO 27017 Coming Soon!

ISO 27001 certification includes international specifications for Information Security Management System (ISMS). Lingpad is ISO 27001 certified, along with its extension - ISO 27017 - for cloud service providers. Our security measures, risk management processes, and data protection policies.

Health Insurance Portability and Accountability Act (HIPAA)

HIPAA is a federal law in the United States that specifies the national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge. Lingpad employs trained employees and business associates who are bound by NDAs and Business Associate contracts to adhere to the HIPAA compliance norms at all times. This means any PHI you share with us is protected from misuse, theft, and unlawful disclosure.

General Data Protection Regulation (GDPR)

Lingpad is GDPR compliant. We uphold the highest international data privacy standards and ensure that all our customers' data is safe, secure, and protected.

EU-US Privacy Shield

Lingpad complies with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks.
Designed by the U.S. Department of Commerce, European Commission, and Swiss Administration, the framework to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States.

Monitored 24/7/365

Uptime 99.9% or higher

Information Security Controls In Business Operations

Human Resources Security

Lingpad has ethical business practices which reflect when we handpick quality employees. We ensure that they understand the integral role they play in information security and hence, bear certain responsibilities.

Data Encryption

Lingpad encrypts all costumer data to protect it. Our encryption policy ensures all critical data like password, payment details, etc. is always encrypted and protected.

Change management

Lingpad’s servers do not have critical updates older than 30 days as our servers are updated on a monthly basis.

System development and maintenance

At Lingpad, we employ extensive processes for designing, implementing, maintaining, and reviewing our code. We perform regular checks to correct faults, improve performance, and enable the platform to adapt to a different environment.

Business continuity management

Lingpad conducts periodic simulation tests to prepare its infrastructure in case of risk of exposure to any internal and external threats. Redundancy is built into this infrastructure to ensure there’s a backup system in place when the system or a component fails.

Incident response

Lingpad has some incident response procedures in place that are activated once we detect an attack or breach. The system works on containment and recovery. In the meantime, we continue serving customers the way we always do.

System monitoring and alerting

The Lingpad system is monitored 24/7 round the year. Our historical uptime is 99.9% or higher - check here. In case of any critical issues, the DevOps team is alerted immediately.

Access control

Lingpad’s security architecture requires all users to be identified and authenticated via their accounts before accessing customers’ cloud accounts.

Physical and environmental security

We placed certain safeguards to ensure that all the information stored physically is secure and protected. Only authorized personnel can access these assets.

Backups

We conduct automated and encrypted backups of all customer data every day. This data is monitored by operations personnel.

Server and Data

We’ve built the most secure global infrastructure with Amazon Web Services (AWS). Hence, we encrypt all customer data (in-transit) and manage retention. Additionally, our SSL/TLS and AES algorithms make Lingpad fully equipped with secure network communication and a high level of encryption.

Governance, Risk Management, and Compliance (GRC)

Following the GRC approach helps Lingpad employ and encourage good business practices. All our processes and procedures help us achieve our business objectives, tackle any uncertainties, and act with integrity in all our business associations.

Supplier relations

Lingpad takes the appropriate security measures while screening and employing vendors. All vendors sign confidentiality agreements with Lingpad and are monitored to mitigate any risks that may arise.