Benchmark your role with data from 600+ Sales Engineers and Managers.
Read Now

Consensus’s Security Posture

About Consensus’s Security Posture

We process millions of Product Experiences for thousands of users every year. Our top priority is keeping the data you share with us safe. Compliance with global privacy protocols is important to our company. Consensus values data privacy and security very highly. We use the latest security technologies to protect your data, and we have a dedicated team of security experts who monitor our systems 24/7. We do require all our employees to undergo regular training on data security and privacy best practices upon hire and annually.

To ensure the best experience for our users, we maintain a secure environment while also keeping our performance at the highest level. This includes ensuring that our servers are up and running smoothly, our software is up to date, and our security protocols are airtight. In short, we do everything we can to keep our platform secure and running smoothly.

We receive questions about Consensus’s security practices from time to time. Generally, we are not eager to disclose much about our security practices because it is only beneficial to the very people we are trying to protect against. We respect our customers’ concerns about security, and we are serious about transparency. Here we share answers to the questions we think our customers might find most useful.

Compliance

Blue circle with the letters "GDPR" in white, surrounded by twelve yellow stars, resembling the European Union flag—a design that reflects the Consensus Security Center’s commitment to data protection. Consensus
A circular black and gray badge with the text "AICPA SOC aicpa.org/soc4so" and "SOC for Service Organizations | Service Organizations" around the edge, representing alignment with Consensus Security Center standards. Consensus

Data Collected

Customer personally identifiable information

Employee personally identifiable information

Credit card Information

Personal health information

Security Infrastructure

Consensus takes security seriously and has built a platform using best practices for a highly scalable, available, and secure platform. Consensus’s security infrastructure starts at our foundation and includes protocols such as encryption (in transit and at rest), routine internal and third party security assessments, annual third party penetration tests, SOC 2 Type 2 Attestation, least privilege access, and security-focused software development. Consensus also uses the principles outlined in the OWASP Secure Coding Practices to defend against the OWASP Top 10 security vulnerabilities.

Data Center Security

Consensus is hosted on Amazon AWS and OCI.
-For more information on AWS’s security: https://docs.aws.amazon.com/security/
-For more information on OCI’s security: https://docs.oracle.com/en-us/iaas/Content/Security/Concepts/security_overview.htm

Product Security

Consensus provides many in-product data protection capabilities as well as admin controls to provide greater visibility and control over your data. Enterprise admins can securely deploy Consensus to their organizations with tools such as SSO, Opt in/out functionality, and DemoBoard two-factor authentication. Role based access control is also supported and customizable by admins.

Privacy

Consensus is dedicated to protecting and upholding customers’ privacy rights. Our privacy compliance program is aligned to fit with regulations such as the U.S. Data Privacy Framework, the General Data Protection Regulation (GDPR), and California Consumer Privacy Act (CCPA).

Data Processing Addendum

Consensus’s Subscriber Agreement incorporates Consensus’s ToS under which Consensus commits to processing and safeguarding personal data in accordance with GDPR requirements. This includes Consensus’s commitment to process personal data consistent with the instructions of the data controller.

Subprocessors

Here is a complete list of Consensus’s subprocessors that is kept up to date.

Contact Us

For any privacy or security related questions, please contact your CSM/AE or reach out to our Security team at security@goconsensus.com