Skip to content


Unwavering in our commitment to the highest security and privacy standards.

Compliance Certifications, Standards, and Regulations

We go to great lengths to earn the trust of the world’s most recognizable brands and most revered standards.

Compliance & Governance

With independent third-party assurance, we validate the effectiveness of our management practices and attest to their operations. 360insights is compliant with industry-accepted frameworks, including ISO27001, ISO9001, SOC 1, and SOC 2, and our approach takes into consideration the threat landscape, regulations, and practices from NIST, CSA, and other authoritative sources.

Privacy Regulations

We align our data protection and privacy practices to a baseline derived from regulatory requirements around the world, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We also support industry-specific frameworks, including PCI-compliant payment of different types of rewards, to meet the expectations of your partners and customers.

Cloud Security

360insights is hosted on ISO27001/SOC 2-accredited cloud infrastructure. All sensitive data is encrypted using industry-standard encryption protocols at rest and in transit. In addition to logging and monitoring and undertaking frequent scans of our products, we work with industry-leading security firms to perform regularly scheduled penetration tests covering our networks, infrastructure, and applications.

Supplier Management

360insights performs rigorous background checks on staff, contractors, and other third parties that have access to client data and requires that all sign confidentiality agreements. Security awareness training is delivered to all new hires, and routine security awareness programs, including social engineering exercises, are administered.


We have a team dedicated to answering all of your privacy and security concerns.