Trust & Security

We are actively working towards compliance with the following industry standards to ensure the highest level of security and data protection for our customers.

• HIPAA: Health Insurance Portability and Accountability Act.
• GDPR: General Data Protection Regulation.
• CCPA: California Consumer Privacy Act.
• SOC 2: System and Organization Controls 2.
• ISO 27001: International Organization for Standardization 27001.

• Data Encryption: All data in transit is protected with TLS 1.2+ encryption.
• Data Storage: Wait-list email addresses are securely stored using Google Cloud infrastructure and Waitlistr’s encrypted storage systems with strict access controls and activity logging.
• Access Control: Internal staff accounts are protected with two-factor authentication (2FA) and follow least-privilege principles.
• Penetration Testing: We conduct annual penetration testing to identify and remediate potential vulnerabilities before launch.
• Security Reviews: Regular internal reviews and security improvements are part of our ongoing roadmap.