Trust Center

Start your security review
View & download sensitive information
ControlK

Overview

Welcome to Syndio’s Trust Center!

At Syndio, protecting customer data is foundational to everything we do. Our security, privacy, and compliance programs are designed to align with leading industry standards and frameworks, ensuring the confidentiality, integrity, and availability of our services and the data entrusted to us.

This Trust Center provides transparency into our security practices, governance approach, and compliance posture. You’ll find details on our policies, controls, and independent certifications that demonstrate our ongoing commitment to safeguarding your information as we continue to innovate.

Compliance

SOC 2 Type 2 Logo
SOC 2 Type 2
SOC 3 Logo
SOC 3
ISO/IEC 27001:2022 Logo
ISO/IEC 27001:2022
EU AI Act Logo
EU AI Act
NIST AI RMF Logo
NIST AI RMF
CSA STAR Level 1 Logo
CSA STAR Level 1
CSA STAR for AI Logo
CSA STAR for AI
Microsoft SSPA Logo
Microsoft SSPA
GDPR Logo
GDPR
EU-US DPF Logo
EU-US DPF
Swiss-US DPF Logo
Swiss-US DPF
UK Extension to EU-US DPF Logo
UK Extension to EU-US DPF

Syndio is reviewed and trusted by

Microsoft-company-logoMicrosoft
Nokia-company-logoNokia
American Airlines-company-logoAmerican Airlines
Salesforce-company-logoSalesforce
General Mills-company-logoGeneral Mills
Nordstrom-company-logoNordstrom
Siemens-company-logoSiemens
ConocoPhillips-company-logoConocoPhillips
Outokumpu-company-logoOutokumpu
BMC Software-company-logoBMC Software
Elevance Health-company-logoElevance Health
Ford Motor Company-company-logoFord Motor Company
United Rentals-company-logoUnited Rentals
Bayer-company-logoBayer
Assurant-company-logoAssurant
Campari-company-logoCampari

Documents

Featured Documents

COMPLIANCESOC 2 Type 2
COMPLIANCEISO/IEC 27001:2022
AISyndi: Data Privacy & Commitment
APP SECURITYApplication Penetration Testing

Policies

Acceptable Use Policy
Asset Management Policy
Backup Policy
View more

AI

Syndi: Data Privacy & Commitment
AI Governance
Syndi Architecture Diagram

App Security

Information Security Diagram
Global Pay Reports Data Flow Diagram
Responsible Disclosure
View more

Corporate Security and Training

Phishing Training
Training Records
Security Awareness Training
View more

Data Security

Access Monitoring
Certificates of Destruction
Daily Data Backups
View more

Endpoint Security

Anti-Malware
Disk Encryption
Threat Detection

Network Security

Firewall
IDS/IPS
Network Penetration Testing

Product Security

Audit Logging
Data Security
Integrations
View more

Access Control

Access Log Management
Automated Account Management
Bring Your Own Device (BYOD)
View more

BC/DR

Business Continuity Management System (BCMS)
Lessons Learned
High Availability
View more

Change Management

Change Restrictions
Separation of Duties
Software Restrictions
View more

Continuous Monitoring

Automated Compliance Monitoring
Data Loss Prevention System (DLP)
File Integrity Monitoring (FIM)
View more

Data Privacy

Cookies
Data Breach Notifications

Infrastructure

Status Monitoring
BC/DR
Google Cloud Platform
View more

Terms

SubprocessorsZendesk-company-logoAuth0-company-logoSmartsheet-company-logoGong-company-logoIronclad-company-logo
Cyber Insurance
Data Subject Requests
View more

Self-Assessments

CAIQ
AI-CAIQ
Trust Center Updates

New SOC 2 Type II & SOC 3 Reports Available!

Copy link
Compliance

We’re pleased to share that Syndio has successfully completed our annual SOC 2 Type II and SOC 3 audits, covering the audit period from November 2024 through November 2025.

These independent assessments reinforce our commitment to protecting customer data and operating our platform with strong security and privacy practices.

Our reports are available for download via our Trust Center.

Knowledge Base (FAQ)
  • What security controls/mechanisms have been implemented to prevent and detect unauthorized access attempts or malicious activity (e.g., IDS, IPS, DLP, anti-virus, anti-malware, full disk encryption, configuration management, network/application vulnerability scans, etc.)?
  • Does your organization have a policy, guideline or standard for classifying, labeling, and handling (print, store, use, transport, and destruct/dispose) information/data in electronic and/or hardcopy form?
  • Are your backups encrypted?
  • Does your organization have a BCP plan in place? How often is it reviewed?
  • Is there a risk assessment program in place? If yes, what is the frequency and are the results tracked and communicated to senior leadership periodically?
View more
Built onSafeBase by Drata Logo