Submittable is proud to exceed industry standards when it comes to protecting the security and privacy of your organization’s data.
Our team is committed to building a platform that helps you collect submissions and applications easily without compromising privacy or security. Your work, and your applicant’s data, is safe with us.
Submittable completes a third party SOC 2 Type 2 compliance audit every year. These reports demonstrate that our systems are set up to assure the security of customer data, and show how we operate those controls over an extended audit period.
Submittable supports Single Sign-on (SSO) with SAML. This allows you to authenticate users in your own systems without requiring them to enter additional login credentials.
Submittable completes a third party audit every year to assure that we are HIPAA compliant. As part of our privacy controls, all employees undergo yearly HIPAA training.
Submittable has implemented tools and processes to ensure our compliance with the latest requirements under the GDPR and to help our customers comply as well.
Submittable complies with FERPA to protect the privacy of student education records.
Submittable does not directly store or process credit card data. Instead, we rely on Stripe to provide the industry’s best and most secure credit card processing. Stripe is certified to PCI Service Provider Level 1 standards. Our PCI SAQ document is available upon request.
We enable multiple different permission levels to be set for your team. Permissions can be set to include or exclude information like platform settings, billing, and user data.
In addition to the certification and security features listed above, here are some of the most common security-related questions we get asked.
If you have additional questions regarding security or requests for specific compliance documents, we are happy to answer them.