Customer Data Security at Enterprise Scale
From people to technology, ActionIQ has been built from the ground up with security and privacy in mind. Our team, business practices and security infrastructure are best in class.
A Culture of Security
“At ActionIQ we design technology that enables consumers to have personalized experiences with your brand. At the foundation of those experiences is trust. Trust that PII will be used appropriately and fully secured. Our team is here as your partner in safeguarding that trust so you can remain focused on building loyal and lasting customer relationships.”
Steve McColl
VP of Engineering

Compliance and Certifications




Why We Committed to SOC 2® Type 2
Rather than being something you “get done,” SOC 2 is more of an ongoing commitment to a new way of life — with very high and specific standards for security, processing integrity, availability, confidentiality and privacy.

Enterprise Admin Tooling
ActionIQ’s administrative tools are designed to support your organization’s data, user and security management policies.
User Management
Role and team-based permissioning and authorization framework
Authentication
Single sign-on (SSO), two-factor authentication (2FA), password mandates and reCaptcha
Configurability
Self-service administration interface to support your distinct processes
Logging and Tracking
Auditable logs of user activity as well as data ingest & export events
Deployment Environment
Configured with dedicated development and production accounts
Data Purging
Permanent removal of deleted data
Security and Privacy Best Practices
ActionIQ employs a combination of infrastructure, technology, product design, processes, and internal & external personnel to implement a broad range of industry best practices for data security.
Encryption Everywhere
Data is encrypted in transit using Advanced Encryption Standard (AES-256) and at rest
SaaS Isolation
Employs dedicated instance data processing and utilizes client-specific identity and access management (IAM) definitions
Secure, Minimal Network Surface
White-listed IPs; private subnet behind network proxy, firewalls and an IDS/IPS solution with 24/7/365 monitoring and alerting
Compliance
Compliant with SOC 2® Type 2, EU Privacy Shield, CCPA with inherited certifications from AWS
Internal Validation
Conduct periodic risk assessments, infosec audits, mandatory training, business continuity (BCP) and disaster recovery (DR) planning
External Validation
External experts conduct periodic penetration tests and code analysis in addition to annual SOC 2 Type 2 examinations — one of the industry’s most rigorous trust standards