Security you can trust
Protecting your data and your customers’ data is our highest priority. CSVBox is built on a secure architecture, encrypts information in transit and at rest, and follows industry best practices for handling sensitive information. We continuously monitor our systems and engage third‑party auditors to validate our controls.
Data handling & retention
Uploaded files are processed in memory whenever possible. Temporary storage is encrypted and purged automatically after imports complete. You choose where data should be processed—US or EU data centres—to comply with regional regulations.
Encryption & access controls
All communications are secured with TLS 1.2+. Data at rest is encrypted using AES‑256. Access to production systems is limited to authorised personnel under the principle of least privilege and protected by multi‑factor authentication.
Compliance & certifications
CSVBox is SOC 2 Type II compliant and supports GDPR/Data Processing Agreements. Our security program includes regular vulnerability scanning, penetration testing and robust incident response procedures. We publish a disclosure policy for reporting vulnerabilities.
Need more details?
If you have specific security or compliance questions, please reach out. We’re happy to provide additional documentation or complete security questionnaires.
Contact us