PlayPlay uses enterprise-grade security practices to keep data safe and platform secure
All data is hosted in Europe on Google Cloud Platform that offers highest security, availability, and performance.
All communications are carried out in HTTPs TLS 1.2 or higher.
All data stored is encrypted with cloud-native capabilities using industry standard Advanced Encryption Standard (AES 256).
PlayPlay is committed to protecting the confidentiality of any data its customers entrust to it. Customer data remains the exclusive property of the customer at all times and is solely used for the purposes defined.
PlayPlay follows and implements the guidelines and recommendations from the applicable data protection laws such as the European General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA).
Our Security commitments
As a cloud-based company managing customers’ valuable data, implementing best-in-class security practices is one of our main preoccupation.
All data is hosted exclusively in Europe on a Cloud state-of-the-art infrastructure. PlayPlay strictly complies to GDPR obligations and adheres to the ISO/IEC 27001 standard.
PlayPlay implements systematic encryption of data both at rest and in transit, performs frequent technical penetration testing campaigns and proposes enterprise-grade security features such as SSO (Single Sign-On) and MFA (Multi-Factor Authentication).
Application & Infrastructure Security
Secure and reliable infrastructure
PlayPlay relies on an highly available Google Cloud infrastructure with native and world class security measures - https://cloud.google.com/security/
Google Cloud Platform is certified across a variety of security frameworks including ISO/IEC 27001, ISO/IEC 27017, SOC2.
PlayPlay development practices rely on Integrated Security tools that includes scans for the OWASP Top 10 vulnerabilities.
PlayPlay platform is subject to regular penetration testing from trusted independent third parties.
PlayPlay adheres to the ISO/IEC 27001:2013 and enforce a Security Risks approach to appropriately safeguard PlayPlay’s customer data.
SOC 2 Type I Attestation
SOC 2 is an independent audit conducted to review the company’s effective implementation of: employee controls and training, IT systems and risk management controls, product disciplines, and vendor selections. SOC2 certification is recognized globally for its rigorous reviews of organization’s systems and organizational controls.
SOC 2 Type I consists of a thorough examination of our control policies and practices in accordance with standards from the AICPA. This is undertaken by a third-party firm during a specific date and time.
Read more about it