See how Intrro works every Tuesday at 2pm ET

By clicking “Accept All”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
PreferencesDenyAccept All
Back to Help Center

Security

Security

What and where does Intrro store the data it collects?

Do you fill out security assessments?

Who is the security contact?

Single Sign-On

User Roles

Passwords

Application Infrastructure

Vulnerability Management

Intrusion Detection and Prevention

Logical Separation

Incident Response

Vulnerability Disclosure

Software Development Life Cycle

Data Encryption

Data Subprocessors

New SCCs & the GDPR

California Consumer Privacy Act

High Availability

Business Continuity

Disaster Recovery

Backups

Physical Security

Security Training

Risk Management

Security Policies

Vendor Management

Confidentiality Agreements

Endpoint Security

SOC 2 Type II

1. Definitions

2. Customer Data subject to EU Data Protection Law

3. Purpose and Scope

4. Security

5. Data Subject Rights

6. Customer Personal Data Breach

7. Sub-Processors

8. Audit

9. Impact Assessment

10. Data Deletion

11. Transfer Mechanisms

12. Customer Data subject to CCPA

13. Customer Data subject to LGPD

14. Customer Responsibilities

15. Liability

16. Term and Termination

17. General

Annex 1A

Annex 1B

Annex 1C

Annex 2

Annex 3

Compliance Documentation

Data Subjects Rights

Consent

Data Breach

Data Subprocessors

To support delivery of our Services, Intrro may engage and use data processors with access to certain Customer Data or Personal Information (each, a “Subprocessor”). This page provides information about each Subprocessor. Please email security@intrro.com if you have any questions.

Amazon Web Services

  • Location: Seattle, United States.
  • Security certifications: Privacy Shield, ISO27001, SOC3.
  • Data processed: Anonymized content, email address, IP address.
  • Use: Data storage, backups, CDN, DNS, SSL, domain management, emails.

Slack

  • Location: Palo Alto, United States.
  • Security certifications: SOC 2, SOC 3, ISO 27001, ISO 27018, ISO 27017
  • Data processed: User name, user email address, survey responses.
  • Use: Customer communications.

Google Cloud

  • Location: Mountain View, United States.
  • Security certifications: Privacy Shield, ISO27001, SOC3.
  • Data processed: User-added content.
  • Use: Natural language processing.

Customer.io

  • Location: San Francisco, United States.
  • Security certifications: SOC 2, HIPAA, GDPR
  • Data processed: User-added content (when using transcription).
  • Use: Full name, job title, email address, IP address, customer communications, customer activities and analytics

Segment

  • Location: San Francisco, United States.
  • Security certifications: Privacy Shield, ISO 27001, ISO 27017, ISO 27018, SOC 2.
  • Data processed: User name, email address, IP address, analytics.
  • Use: Product analytics.

Zapier 

  • Location: San Francisco, United States.
  • Security certifications: SOC 2, SOC 3
  • Data processed: User name, email address.
  • Use: Automations of tasks 

Intercom

  • Location: San Francisco, United States.
  • Security certifications: Privacy Shield, ISO 27001, SOC 2, CSA, HIPAA
  • Data processed: first name, last name, company name, email address, IP address, company physical address.
  • Use: Business messaging

Hubspot

  • Location: Cambridge, United States.
  • Security certifications: SOC 2, SOC 3, GDPR,
  • Data processed: User name, email address, IP address, physical address.
  • Use: Sales and Marketing Automation