In Compliance with Evolving Data Privacy Standards and Regulations

At Leanplum, operational security starts with safe software development processes that are based on industry best practices like two-party reviews for submitted source code, use of frameworks to avoid known attack vectors, and continuous integration to constantly close vulnerabilities. Access to platform and data are forbidden by default and require explicit permissions.

Leanplum continues to abide by Privacy Shield principles under both EU and Switzerland frameworks, while Standard Contractual Clauses in the Leanplum Data Processing Addendum provide a valid mechanism to ensure necessary protection for data transfers from EU Data Controllers. Leanplum is compliant with the EU’s General Data Protection Regulation (GDPR). Leanplum platform’s Application Programming Interfaces (APIs) originally created for GDPR to help our customers meet their obligations as Data Controllers, and our obligations as Data Processors, also help everyone to comply with requirements under the California Consumer Privacy Act (CCPA). Leanplum attained ISO 27001 certification in 2018, following a comprehensive security audit and validation of our Information Security Management System.