Data Security & Compliance
We're committed to protecting your data and privacy with SOC 2 verification, regular penetration testing, compliance reviews and audits.
SOC 2 Type 2 Certified
UserGems is SOC 2 Certified by leading third-party cybersecurity auditors.
GDPR Compliant
UserGems is GDPR compliant as both a Data Processor and a Data Controller. Click HERE to learn more about UserGems and GDPR.
Transit and At Rest encryption
All data within UserGems is encrypted with state-of-the-art encryption, from the moment it is sent to us until it is removed from our systems.
Database Security
All our databases and servers are hosted in AWS or Azure datacenters, secured with multiple layers of state-of-the-art protection: VPC with strict firewall settings, hashed passwords, two-factor authentication, intrusion detection systems and much more.
Integrations Security
We use OAuth2 to securely authorize other SaaS services and do not store your credentials for those services.
Privacy & Safety Features
Annual Penetration Testing
Network and greybox penetration tests are performed by a certified third party at least annually.
Internal & External Audits
UserGems is under continuous external audit (SOC 2 Type 2) and has regular internal audits to make sure your data is as safe as possible.
Data Recovery
UserGems uses automated backups, which include geo-redundancy and point-in-time backups, to achieve a maximum 24-hour RTO and RPO.