Sarathy Naicker, our co-founder and CTO, was previously the Chief Technologist at Sophos – a worldwide leader in advanced cybersecurity solutions. During his time at Sophos, he worked on data security infrastructure supporting 500,000 organizations and more than 100 million users globally.
Despite being a dynamic startup, our goal has always been to build enterprise-ready software with a similar focus on security. If it’s ready for enterprise, it’s ready for everyone.
We achieve this high standard of security readiness with a holistic approach focused on risk reduction. We leverage industry-leading security solutions and industry best practices in our day-to-day operations.
Klue maintains SOC 2, Type II compliance in accordance with the five Trust Services Criteria defined by the American Institute of Certified Public Accountants.
Request our Audit Report →
PIPEDA Compliance
Klue complies with all applicable privacy laws. Klue is headquartered in Canada and is subject to the Personal Information Protection and Electronic Documents Act (PIPEDA). The European Commission declares that PIPEDA provides adequate privacy safeguards with respect to the EU’s General Data Protection Regulation (GDPR).
GDPR / CCPA Compliance
Klue complies with the GDPR and utilizes the June 2021 Standard Contractual Clauses when applicable to govern its relationship with sub-processors.
Although Klue’s volume of sales in the State of California is not yet high enough to trigger application of the California Consumer Privacy Act (CCPA), Klue still actively complies with the CCPA. Klue does not sell any personal data.
Data Collection
Klue limits collection of personal data to the following categories:
Personal Data is only processed for the purposes of providing and supporting the Klue web application, and is not processed for any other purpose.
All personal data collected by Klue can be corrected, modified, or destroyed upon request.
Cloud Storage
Klue operations are fully hosted in secure remote cloud environments. There are no on-premise servers or infrastructure at our corporate facility. Our primary infrastructure is hosted and managed within Amazon Web Services (AWS) secure data centers. Secondary web services infrastructure is hosted on secure Google Cloud Storage.
Klue Servers
All servers that run Klue’s live software are continuously patched and up-to-date hardened Linux systems. Our web servers use the strongest grade HTTPS security (TLS 1.2+), protecting requests from eavesdroppers and man-in-the-middle attacks. Our SSL certificates are 2048-bit RSA, signed with SHA-256.
Security Testing
Customer data is only ever stored in databases or database backups hosted on secure cloud environments, and encrypted with AES-256 block-level storage encryption.
Klue conducts third party penetration tests annually and maintains penetration testing records. Any exposed vulnerabilities are fixed immediately. Klue maintains compliance with ASVS 4.0.
User Authentication
Klue utilizes SSO for access to the Klue web application, compatible with OAuth and all SAML configurations, and supported by multi-factor authentication (MFA). Passwords are regularly tested for entropy and compared against known security breaches. Access to the Klue web application enforces the most recent versions of TLS (1.2+) to secure all of our data transport channels. Whenever supported by customer email servers, our servers utilize STARTTLS for email-based authentication.
Klue Terms and Conditions → (including Data Processing Agreement in Exhibit B)
Klue Acceptable Use Policy →
Klue Privacy Policy →
Incorporating security concerns and a security mindset into all aspects of Klue operations and software development.
Minimizing the amount of sensitive information and personal data processed by Klue, and anonymizing and aggregating all data to the furthest possible extent.
Relying on only state-of-the-art industry-leading infrastructure partners like Amazon Web Services and Google Cloud Platform while eliminating physical storage, internal servers, and local networks to minimize vulnerabilities.
Applying robust internal security policies and performing frequent internal and external audits as demonstrated by Klue’s SOC 2, Type II compliance.