Secure customer data and privacy are integral to our platform. You trust us to provide you with a service that simplifies your sustainability efforts—part of that service is the peace of mind that comes from our stringent security and data privacy measures
Sustain.Life takes privacy protections seriously—we handle the data on our platform in accordance with the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
We apply a strict ISO 27001 Information Security Management Standard to the security management of our assets, financial information, intellectual property, employee details, and information entrusted by third parties.
We use NIST guidelines to help ensure the management, control, and maintenance of our IT systems. Our monitoring and alerting are backed by robust role-based access control policies that use a least-privileged access model.
Our code follows OWASP best practices to ensure the security of what we write. Our applications are subject to strict source control, code analysis tests, and regular reviews.
Our environment and employees undergo frequent penetration tests, and everyone at Sustain.Life regularly undergoes security training. We fortify our systems with multi-factor authentication and encrypt all of our data in transit and at rest.