From the time ZeroBounce was only a business idea, security was at the top of our minds. We wanted to create an accurate email verification service that would operate safely and fulfill the most advanced data protection standards.
Today, it gives our customers great peace of mind knowing that their data is in good hands while they can focus on restoring the quality of their email lists.
Take a look at the list of certifications and accreditations ZeroBounce received. They all confirm our dedication to protecting your files while you enjoy using our email verifier.
SOC 2 Type 2 Certification
ZeroBounce has undergone an examination of its internal controls and is SOC 2 Type 2-certified as of March 22, 2022.
The examination was conducted by external auditors under the guidelines established by the AICPA. The technical auditing process evaluated ZeroBounce’s internal controls to ensure customer data is managed according to AICPA’s criteria: security, availability, processing integrity, confidentiality and privacy.
ZeroBounce’s SOC 2 Type 2 compliance reinforces our commitment to the highest data security and privacy standards.
SOC2 Type 2 Certification: https://www.zerobounce.net/docs/images/pdf/ZeroBounceSOC2Type2Certificate.pdf to find more details about URL
SOC 2 Certification
ZeroBounce was audited by a certified auditing firm and is proud to have successfully met the criteria of SOC 2 compliance effective July 9th, 2021.
SOC stands for “Systems and Organization Controls.” Developed by the American Institute of CPAs (AICPA), SOC 2 regulates how service organizations should manage customer data. It is a report on controls relating to security, availability, processing integrity, confidentiality and privacy.
SOC 2 reports are intended to meet the needs of a broad range of users that require detailed information and assurance about the controls at a service organization. These controls pertain to the security, availability and processing integrity of the systems that an organization uses to process users’ data. They are also relevant to the confidentiality and privacy of the information processed by these systems.
SOC 2 reports can play an important role in the:
- Oversight of the organization
- Vendor management programs
- Internal corporate governance and risk management processes
- Regulatory oversight
ISO/IEC 27001:2013 Management System, MSECB Certificate
ZeroBounce is ISO 27001:2013 certified as of August 24, 2022, when it attained the MSECB Management System Certificate. Our organization has been assessed and found to be in accordance with the management system requirements for ISO/IEC 27001:2013 (Information Technology).
You can see our status on this IAF profile page to find more details about URL.
ISO 27001:2013 sets standards for establishing, implementing, maintaining and improving an information security management system within an organization.
This internationally recognized certification, which is regularly reviewed by an independent auditor, demonstrates our continual commitment to improving and protecting important digital assets.
https://www.zerobounce.net/docs/images/pdf/ISO-IEC-27001.pdf to find more details about URL
Health Insurance Portability and Accountability Act (HIPAA)
The Health Insurance Portability and Accountability Act of 1996 is a United States privacy rule that mandates “covered entities” to protect your confidential healthcare information. The most common examples of these entities are doctors, healthcare providers, insurance companies, or clinics.
All governed entities must adhere to this privacy rule when storing or sharing confidential healthcare information with other “covered entities.” These institutions may never share this data with a third party that does not also satisfy the conditions for HIPAA certification and compliance.
ZeroBounce attained HIPAA privacy certification in August of 2023 after successfully satisfying all examination requirements in accordance with guidelines established by the AICPA for the reporting standard SOC 2 plus HIPAA Type 2.
This certification grants ZeroBounce the ability to work with these “covered entities” described above. ZeroBounce will continue to take the necessary steps to adhere to HIPAA privacy standards and renew its HIPAA certification when applicable.
https://www.zerobounce.net/docs/images/pdf/HIPAACertification.pdf to find more details about URL
CYBER SMART DEFENCE
ZeroBounce received a Cyber Smart Defence (CSD) certification in 2023 to safeguard our system from any potential security breaches. Created by world-class experts in cybersecurity, CSD ensures our email verification platform remains a safe space for partners and customers worldwide.
At ZeroBounce, CSD specialists run periodical IT security audits, penetration tests, and vulnerability assessments. Furthermore, our team participates in periodic training sessions with the CSD team to stay on top of the latest cybersecurity developments.
PCI stands for Payment Card Industry, which is a set of standards that ensures all online transactions involving credit cards are made safely. ZeroBounce adheres to PCI standards to protect customers’ data during the payment process on zerobounce.net.
We partner with world-class, well-respected cybersecurity companies to assess our systems on a monthly basis. These comprehensive tests focus on all aspects of our application. Ensuring all transactions take place safely and responsibly is paramount to us.
EU GDPR COMPLIANCE
The General Data Protection Regulation (GDPR) aims to improve data privacy laws across Europe and create a safer online environment for consumers worldwide. ZeroBounce became EU GDPR Compliant a few months before the new regulations came into force on May 25, 2018.
Our email list verification platform abides by all GDPR requirements, established by the European Parliament and the Council of the European Union. Following GDPR protocols ensures your data is safeguarded while you validate your email lists and make payments on our platform. ZeroBounce is committed to processing personal data that is subject to the GDPR in a lawful, fair, and transparent manner.
Our Data Protection Officer conducts regular assessments on ZeroBounce’s GDPR compliance. Moreover, a third-party security company runs monthly audits to confirm our ongoing commitment to your data privacy.
PRIVACY SHIELD FRAMEWORK
The EU-U.S. and Swiss-U.S. Privacy Shield Frameworks are sets of regulations that provide companies with the mechanisms to transfer personal data securely during transatlantic commerce. The EU-US and Swiss-US Privacy Shield Programs require annual registration and re-certification.
ZeroBounce joined the Privacy Shield voluntarily and complies with the Framework’s requirements. These requirements revolve around privacy principles such as notice, access, choice, and accountability for onward transfer. As a data processor, ZeroBounce provides users with a secure upload mechanism and uses encryption ciphers for the email databases download process.
Since December 2017, our company has been an active participant in the EU-U.S. and Swiss-U.S. Privacy Shield Programs.
BBB ACCREDITED BUSINESS
The Better Business Bureau (BBB) is an organization whose mission is to foster trust between businesses and consumers and to support best practices in the marketplace. The BBB sets standards that maintain and encourage good marketplace behavior and helps build a more transparent business community.
After careful evaluation by the BBB Board of Directors, the organization established that ZeroBounce meets BBB accreditation standards. Some of these standards include a positive track record in the marketplace, adherence to fair advertising and selling, and the honest representation of products and services.
Our company became a BBB Accredited Business in September 2017.
ZeroBounce has taken all necessary steps to renew each of these certifications and accreditations. Our team is collaborating with third-party experts who help us periodically assess our status and undertake thorough compliance measures.
BBB Certificationhttps://www.zerobounce.net/docs/images/pdf/BBBCertification.pdf to find more details about URL