We are GDPR, CCPA, and SOC2 compliant and meet the EU-US Privacy Shield framework to ensure you meet your compliance requirements.
For enterprise customers, we can offer local data hosting in the United States, Europe, Australia, or Asia.
Secure your accounts with two-factor authentication (2FA) using SMS verification or the Google Authenticator app. You have the option to enforce two-factor authentication account-wide.
Allow Single Sign-on (SSO) as optional, or enforce account-wide using Google or Okta.
Local data hosting is available in the United States, Europe, Australia and Asia.
Implement Google reCAPTCHA to keep your onsite forms more secure from spammers and bots.
Enable or disable cookie tracking for opt-in forms to ensure you meet GDPR compliance requirements.
Set permissions for each user. Choose from admin, manager, creator, or read-only.
View platform status in real-time and subscribe to live updates. We provide prompt and detailed updates regarding any issues or incidents.
Yes! For enterprise customers, we can offer local data hosting in either the United States, Europe, Australia, or Asia.
Visit our status page to see our current app and API status. We communicate any service impacting outages to our customers here. You can also subscribe to updates via the status page: https://www.orttostatus.com/
Our security team promptly investigates all reported security issues. We have a bug bounty program in place. If you believe you have found a security vulnerability please visit https://ortto.com/security/ for more information. We will respond as soon as possible to your report. We ask that you not publicly disclose the issue until it has been addressed by the Ortto team.
Yes! We are compliant with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and Service Organization Controls (SOC 2) as well as meeting the framework for the EU and US Privacy Shield.
Yes! You can choose to enforce one or both. You have full control via the privacy settings in your Ortto account. Single sign-on (SSO) can be implemented using Google or Okta. Two-factor authentication (2FA) can be implemented using SMS or via the Google Authenticator app.
Yes, we comply with the Australian Privacy Act and also meet APRA requirements for institutions across banking, insurance, and superannuation.
Yes, we undergo penetration testing every six (6) months. Reports are available on request.
"I like that it combines multiple marketing tools such as channels, customer data and social media into one single platform where I can look at all these factors and get analytics and reports."
- Francisco G
"It is easy to use and doesn't require extensive training. A ton of time is saved by having all customer data in one place."
- Rekha S
"The overall outbound and inbound sales process has been streamlined in such a way where we are able to focus on data generation as opposed to following up on on things that can be automated."
- Alexi D