Security
Your
Your
data
data
is
is
safe
safe
with
with
us
us
Security and privacy are in our DNA, not just policies. You can trust us to always do what’s best for you and your data. As our CTO says, “I don’t sleep at night, so my customers can.”
Security and privacy are in our DNA, not just policies. You can trust us to always do what’s best for you and your data. As our CTO says, “I don’t sleep at night, so my customers can.”
Security and privacy are in our DNA, not just policies. You can trust us to always do what’s best for you and your data. As our CTO says, “I don’t sleep at night, so my customers can.”
Compliance and certification
Compliance and certification
Compliance and certification
SOC 2 Type II
Ply undergoes an annual SOC 2 Type II audit, meeting the most rigorous security, availability and confidentiality standards in the industry. Report is available upon request.
Ply undergoes an annual SOC 2 Type II audit, meeting the most rigorous security, availability and confidentiality standards in the industry. Report is available upon request.
Ply undergoes an annual SOC 2 Type II audit, meeting the most rigorous security, availability and confidentiality standards in the industry. Report is available upon request.
ISO 27001
ISO 27001 is the world’s best-known standard for information security management systems (ISMS) and their requirements.
ISO 27001 is the world’s best-known standard for information security management systems (ISMS) and their requirements.
ISO 27001 is the world’s best-known standard for information security management systems (ISMS) and their requirements.
CSA
STAR encompasses the key principles of transparency, rigorous auditing, and harmonization of standards outlined in the Cloud Controls Matrix (CCM).
STAR encompasses the key principles of transparency, rigorous auditing, and harmonization of standards outlined in the Cloud Controls Matrix (CCM).
STAR encompasses the key principles of transparency, rigorous auditing, and harmonization of standards outlined in the Cloud Controls Matrix (CCM).
GDPR
Ply has made extensive efforts to support customers subject to GDPR. See our Privacy Policy for more details.
Ply has made extensive efforts to support customers subject to GDPR. See our Privacy Policy for more details.
Ply has made extensive efforts to support customers subject to GDPR. See our Privacy Policy for more details.
Cyber Essentials
Cyber Essentials is a standard by the The United Kingdom’s National Cyber Security Centre (NCSC) to guard against cyber attacks.
Cyber Essentials is a standard by the The United Kingdom’s National Cyber Security Centre (NCSC) to guard against cyber attacks.
Cyber Essentials is a standard by the The United Kingdom’s National Cyber Security Centre (NCSC) to guard against cyber attacks.
Protected by CloudFlare
Cloudflare is a global network designed to make products secure, private, fast, and reliable.
Cloudflare is a global network designed to make products secure, private, fast, and reliable.
Cloudflare is a global network designed to make products secure, private, fast, and reliable.
Infrastructure and application security
Infrastructure and application security
Infrastructure and application security
Ply servers are hosted by Amazon Web Services (AWS), which is certified SOC 2 Type 2. AWS has state-of-the-art data center security. Data centers are secured with a variety of physical controls to prevent unauthorized access.
Ply servers are hosted by Amazon Web Services (AWS), which is certified SOC 2 Type 2. AWS has state-of-the-art data center security. Data centers are secured with a variety of physical controls to prevent unauthorized access.
Ply servers are hosted by Amazon Web Services (AWS), which is certified SOC 2 Type 2. AWS has state-of-the-art data center security. Data centers are secured with a variety of physical controls to prevent unauthorized access.
3rd Party Pen Testing
Ply completes annual 3rd party penetration tests by a Google certified assessor.
Ply completes annual 3rd party penetration tests by a Google certified assessor.
Ply completes annual 3rd party penetration tests by a Google certified assessor.
Web Application Firewall
Web App firewall with automatic updates to block against the latest threats spotted around the world.
Web App firewall with automatic updates to block against the latest threats spotted around the world.
Web App firewall with automatic updates to block against the latest threats spotted around the world.
DNSSEC
Securing data exchanged in the DNS to block against DNS hijacking attacks.
Securing data exchanged in the DNS to block against DNS hijacking attacks.
Securing data exchanged in the DNS to block against DNS hijacking attacks.
DDoS Protection
Application level DDoS protection from CDN provider and network level DDoS protection from cloud provider.
Application level DDoS protection from CDN provider and network level DDoS protection from cloud provider.
Application level DDoS protection from CDN provider and network level DDoS protection from cloud provider.
Data encrypted in-transit and at rest
Ply uses AES encryption at rest in addition to securing network communication with TLS 1.2 for encrypting data in transit.
Ply uses AES encryption at rest in addition to securing network communication with TLS 1.2 for encrypting data in transit.
Ply uses AES encryption at rest in addition to securing network communication with TLS 1.2 for encrypting data in transit.
Spoofing Protection
Network spoofing protection is enabled in our cloud provider which prevents adversaries from spoofing traffic or arp addresses.
Network spoofing protection is enabled in our cloud provider which prevents adversaries from spoofing traffic or arp addresses.
Network spoofing protection is enabled in our cloud provider which prevents adversaries from spoofing traffic or arp addresses.
Data retention and usage overview
Data retention and usage overview
Data retention and usage overview
Our data retention policies are designed to minimize retention, and maximize volatility.
Our data retention policies are designed to minimize retention, and maximize volatility.
Our data retention policies are designed to minimize retention, and maximize volatility.
Feature run data
We spin up a serverless engine when a feature is triggered (for example, when you click a button), then it disappears when the feature run is complete.
Task log data
Task log is saved for 30 days to allow you to debug or save lost data. Enterprise customers can customize data retention policies from one hour to 60 days.
Analytics data
Analytics data, both for you and for Ply's product team, only contains usage metadata - which team member, ran which feature, in which app, was the run successful or errored, etc. Data used in the feature and customer PII is never part of analytics.
Feature run data
We spin up a serverless engine when a feature is triggered (for example, when you click a button), then it disappears when the feature run is complete.
Task log data
Task log is saved for 30 days to allow you to debug or save lost data. Enterprise customers can customize data retention policies from one hour to 60 days.
Analytics data
Analytics data, both for you and for Ply's product team, only contains usage metadata - which team member, ran which feature, in which app, was the run successful or errored, etc. Data used in the feature and customer PII is never part of analytics.
Feature run data
We spin up a serverless engine when a feature is triggered (for example, when you click a button), then it disappears when the feature run is complete.
Task log data
Task log is saved for 30 days to allow you to debug or save lost data. Enterprise customers can customize data retention policies from one hour to 60 days.
Analytics data
Analytics data, both for you and for Ply's product team, only contains usage metadata - which team member, ran which feature, in which app, was the run successful or errored, etc. Data used in the feature and customer PII is never part of analytics.
Member data
Your member data - your team, not customers, such as name and email is saved for as long as your workspace is active.
Customer data
Your customers' data is only passed in feature runs and task log. Meaning, it's volatile by nature, never saved, and used only for the purpose you define in your features.
Sample data
Sample data, the data you use to build a feature, is saved for as long as the feature exists and deleted when you delete the feature, or workspace. We recommend using insensitive data as a sample.
Member data
Your member data - your team, not customers, such as name and email is saved for as long as your workspace is active.
Customer data
Your customers' data is only passed in feature runs and task log. Meaning, it's volatile by nature, never saved, and used only for the purpose you define in your features.
Sample data
Sample data, the data you use to build a feature, is saved for as long as the feature exists and deleted when you delete the feature, or workspace. We recommend using insensitive data as a sample.
Member data
Your member data - your team, not customers, such as name and email is saved for as long as your workspace is active.
Customer data
Your customers' data is only passed in feature runs and task log. Meaning, it's volatile by nature, never saved, and used only for the purpose you define in your features.
Sample data
Sample data, the data you use to build a feature, is saved for as long as the feature exists and deleted when you delete the feature, or workspace. We recommend using insensitive data as a sample.
Still have questions?
Contact our support team for prompt assistance.
Still have questions?
Contact our support team for prompt assistance.
Still have questions?
Contact our support team for prompt assistance.
Better tools,
better work.
Join top performing companies using Ply
Better tools,
better work.
Join top performing companies using Ply
Better tools,
better work.
Join top performing companies using Ply