Committed to Trust: Litmus Receives Independent SOC 2 Type 2 Report with Zero Findings for Fourth Consecutive Year

Trust, privacy, and security are core tenets at Litmus. Every solution we offer is designed with the security and privacy of our customers in mind.

In turn, email marketing teams like yours trust Litmus to help them gain the trust of their audience by ensuring every email is personalized effectively and optimized for every subscriber.

To provide evidence of our dedication to trust and security to our customers, we are proud to announce that we have earned our SOC 2 Type 2 certification with zero findings for the fourth consecutive year. This year, that certification includes our Litmus Personalize solution.

AICPA SOC logo

What is the difference between a SOC 2 Type 1 and SOC 2 Type 2 Certification?

The key difference between SOC 2 Type 1 and SOC 2 Type 2 reports lies in the scope and depth of the audit conducted.

SOC 2 Type 1 reports provide a point-in-time assessment of a service organization’s controls, typically conducted over a few weeks. SOC 2 Type 2 reports offer a more in-depth evaluation over a period of 3 to 12 months, examining the ongoing effectiveness of the controls.

What does this mean for you?

Given the American Institute of CPAs’ robust SOC 2 Type 2 standards, as a Litmus customer you can:

  • Get complete peace of mind that your information is securely handled and protected from unauthorized access.
  • Confidently rely on the Litmus solution to be available when you need it most.
  • Rest assured that the data and information you get from Litmus is trustworthy, accurate, and complete at all times.

We take the five “trust services principles” of SOC 2—privacy, security, availability, confidentiality, and processing integrity—to heart. And we’re proud to let our customers know it.

In addition to the 2023-2024 SOC 2 Type 2 report, we are certified under the new Data Privacy Framework (DPF) adequacy decision. The DPF is GDPR’s latest valid transfer mechanism that allows EU, EEA, UK, and Swiss companies to transfer their personal data to US vendors. We remain compliant with applicable state regulations as well (CCPA/CPRA, etc.) in support of our dedication to trust, privacy, and security.

You can learn more about all of our efforts to build a truly trustworthy service on our Trust Center. If you have questions about our SOC 2 compliance—or anything trust related—reach out to the Litmus team at security@litmus.com.

The post Committed to Trust: Litmus Receives Independent SOC 2 Type 2 Report with Zero Findings for Fourth Consecutive Year appeared first on Litmus.

https://www.litmus.com/blog/soc-2-type-2-compliance