Data security and compliance

Data security and compliance

As a customer data platform, we understand the need for data security. We offer enterprise-level security features and compliance to give you peace of mind.

Data security and compliance
Data security and compliance

Compliance

We are GDPR, CCPA, and SOC2 compliant and meet the EU-US Privacy Shield framework to ensure you meet your compliance requirements.

Data security and compliance

Multi-region data hosting

For enterprise customers, we can offer local data hosting in the United States, Europe, Australia, or Asia.

Data security and compliance

Two-factor authentication

Secure your accounts with two-factor authentication (2FA) using SMS verification or the Google Authenticator app. You have the option to enforce two-factor authentication account-wide.

Enterprise security features you can rely on

Single Sign-on (SSO)

Single Sign-on (SSO)

Allow Single Sign-on (SSO) as optional, or enforce account-wide using Google or Okta.

Multi-region data hosting

Multi-region hosting

Local data hosting is available in the United States, Europe, Australia and Asia.

Google reCAPTCHA

Google reCAPTCHA

Implement Google reCAPTCHA to keep your onsite forms more secure from spammers and bots.

tracked forms

Tracking opt-in forms

Enable or disable cookie tracking for opt-in forms to ensure you meet GDPR compliance requirements.

User permissions

User permissions

Set permissions for each user. Choose from admin, manager, creator, or read-only.

100% Uptime

Incident reporting

View platform status in real-time and subscribe to live updates. We provide prompt and detailed updates regarding any issues or incidents.

FAQs

Do you host or store data in locally-based data centers? 

Yes! For enterprise customers, we can offer local data hosting in either the United States, Europe, Australia, or Asia.

How do you communicate service outages?

Visit our status page to see our current app and API status. We communicate any service impacting outages to our customers here. You can also subscribe to updates via the status page: https://www.orttostatus.com/

How do I report a security vulnerability?

Our security team promptly investigates all reported security issues. We have a bug bounty program in place. If you believe you have found a security vulnerability please visit https://ortto.com/security/ for more information. We will respond as soon as possible to your report. We ask that you not publicly disclose the issue until it has been addressed by the Ortto team.

Do you meet data compliance requirements?

Yes! We are compliant with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and Service Organization Controls (SOC 2) as well as meeting the framework for the EU and US Privacy Shield.

Can I enforce SSO and Two-factor authentication (2FA)?

Yes! You can choose to enforce one or both. You have full control via the privacy settings in your Ortto account. Single sign-on (SSO) can be implemented using Google or Okta. Two-factor authentication (2FA) can be implemented using SMS or via the Google Authenticator app.

Do you comply with The Privacy Act 1988?

Yes, we comply with the Australian Privacy Act and also meet APRA requirements for institutions across banking, insurance, and superannuation.

Does the platform undergo regular penetration testing?

Yes, we undergo penetration testing every six (6) months. Reports are available on request.

SaaS Marketing Software

Users Love Us

Powered by:

g2 logo
g2 stars

"I like that it combines multiple marketing tools such as channels, customer data and social media into one single platform where I can look at all these factors and get analytics and reports."
- Francisco G

G2 Review - Francisco
g2 stars

"It is easy to use and doesn't require extensive training. A ton of time is saved by having all customer data in one place."
- Rekha S

G2 Review Rekha S
g2 stars

"The overall outbound and inbound sales process has been streamlined in such a way where we are able to focus on data generation as opposed to following up on on things that can be automated."
- Alexi D

G2 Review - Alexi D
ortto footer brand
© Ortto 2022