Shopify Ecosystem

It’s Official: Gorgias Is Now SOC 2 Type II Certified

it’s-official:-gorgias-is-now-soc-2-type-ii-certified
b752f613ee4946bd936f0a0820687f05?s=250&r=g

We’re thrilled to announce our SOC 2 Type II certification as part of our ongoing commitment to providing you the highest level of security assurance.

When you use Gorgias, we know that you’re putting your trust in us. That’s why we hold our commitment to your security as our highest priority and safeguard your data with full transparency. Our security policy contains penetration testing, incident response plan, data lifecycle, comprehensive system status live report, and more.

Today, we’re happy to announce that Gorgias is now Service Organization Control (SOC) 2 compliant for Type 2. This achievement follows our numerous investments in platform security over the years as part of our goals to secure customer data. 

An independent auditor conducted a thorough audit of our servers, systems, and products over six months. They verified that our information security practices, policies, procedures, and operations meet the thorough SOC 2 standards for security, availability, processing integrity, confidentiality, and privacy (also called five trust service principles).

This industry-wide recognition serves as our reassurance that your data is managed in a controlled and audited environment. 

What is SOC 2 Type II Compliance?

Developed by the American Institute of CPAs (AICPA), SOC 2 defines criteria for evaluating how well a company manages customer data and ensuring a set of security controls are in place. A SOC 2 report is unique to each organization because it’s in line with specific business practices. 

There are two types of SOC 2 reports: Type I and Type II. Type I checks if a system can handle issues like data breaches. Meanwhile, Type II examines how the system works and how effective it is to protect data against security threats.

What Does Our SOC 2 Type 2 Compliance Mean for You?

Our completion of the SOC 2 Type II audit is our testament to the fact that we always prioritize your data security and privacy. We appreciate your trust in us and strive to strengthen this trust in the long term. 

You can be sure that:

  • The data you share with Gorgias meets the AICPA standards for security. That goes for your personal information, ticket inquiries, customer data, and the like. 
  • Your data is protected with procedures and controls to assess, minimize, and eliminate risks and vulnerabilities. 
  • We always conduct ongoing monitoring of features and processes across our platform to maintain security. 

What’s Next?

We hope our successful SOC 2 Type 2 helps you rest easy knowing that your data in Gorgias is secure. But this update is only the latest milestone in delivering our commitment. We’re continuing to improve our security control and data privacy practices for all merchants. To learn more about our security policies, visit our security page or contact us at support@gorgias.io.

Special thanks to our friends at Gorgias for their insights on this topic.

About the author

Steve Hutt

Steve has entrepreneurship in his DNA, starting in the early days of online commerce when he achieved Power Seller status through his eBay store. This propelled him to become a co-founder of VisionPros.com, a contact lens and eyewear retailer. With a successful exit from his startup, he embarked on his next journey into agency work in e-commerce and digital strategy.

Currently, Steve is a Senior Merchant Success Manager at Shopify Plus, where he helps identify, navigate, and accelerate growth in the complex world of commerce.

To maintain his competitive edge, Steve also hosts the eCommerce Fastlane Podcast and Shopify Founder Stories, a top-rated twice-weekly podcast where he interviews Shopify Partners and subject matter experts who share the latest marketing strategy, tactics, platforms, and must-have apps, to help Shopify brands improve efficiencies, grow revenue, profit, and lifetime customer loyalty.

Add Comment

Click here to post a comment