Security is of utmost importance at PickFu. This page outlines our current practices as of June 9, 2023.
PickFu is SOC 2 Type II compliant.
PickFu currently employs 16 people. From time to time, we may employ additional consultants. Anyone who works with PickFu directly or as a consultant must sign non-disclosure and security best practices agreements. Team members are required to undergo information security training as part of their onboarding and annually during their employment.
The PickFu organization is fully remote with no physical offices. Employees are not required to work at any given location. Some of the countries where we have employees include the following: USA, Mexico, Brazil, Argentina, Greece, France, and Kazakhstan. As a remote organization, we keep all records digitally.
All digital information is stored in the cloud using established business-grade software providers, including, but not limited to, Google, Amazon, Asana, Slack, etc. The team has no access to physical servers and no access to data centers. With cloud storage, data may be geographically dispersed, depending on the implementation of the cloud provider.
Depending on their employment status, employees use a combination of work-issued and personal devices. For directly employed team members, PickFu maintains a list of company-owned inventory.
A customer's relationship with PickFu is at will, with no contract or defined engagement term. The customer can pause their use of PickFu and come back at any time. If a customer chooses to permanently close their account and delete their data, they can do so by emailing our support staff at firstname.lastname@example.org.
PickFu has achieved SOC 2 Type II compliance in accordance with American Institute of Certified Public Accountants (AICPA) standards for SOC for Service Organizations also known as SSAE 18. Achieving this standard with an unqualified opinion serves as third-party industry validation that PickFu, Inc. provides enterprise-level security for customer's data secured on the PickFu platform.
An unqualified opinion on a SOC 2 Type II audit report demonstrates to PickFu, Inc.'s current and future customers that they manage their data with the highest standard of security and compliance.
SOC2 report requests can be made to email@example.com.
Compliance concerns, violations, or vulnerabilities may be reported to firstname.lastname@example.org.