Cobrowse Security & Privacy

Cobrowse maintains a formal security program in accordance with industry standards (ISO 27001 and SOC 2) designed to ensure the confidentiality, integrity, and availability of the Cobrowse Software and all processing of customer data.

Cobrowse is SOC 2 Type 2 compliant. We engage a certified third party auditor at least annually to ensure our continued compliance. To request our SOC 2 Type 2 report, please contact us using the email address below.

Cobrowse has a Cloud Security Alliance Consensus Assessments Initiative Questionnaire (CAIQ) of over 260 cloud service provider controls against 17 domains. To request our CAIQ, please contact us using the email address below.

Cobrowse’s policies and practices comply with applicable data protection regulations and laws, including the GDPR and CCPA. Cobrowse operates a dedicated EU Cloud, and also adopts the European Commission’s approved Standard Contractual Clauses (“SCCs”), or other lawful alternative transfer mechanism as approved from time-to-time (e.g. the EU-US Data Privacy Framework).

Cobrowse’s policies and practices are HIPAA compliant. Our clients can execute Cobrowse’s Data Processing Agreement and Business Associates Agreement (BAA) to ensure a protective contractual framework. Data protection measures such as self-hosting the Cobrowse instance and data redaction are also available for additional data security. Please reach out to request a copy of our BAA or learn more about our security and privacy practices.

Cobrowse maintains a robust vulnerability management and patching process across all components of the Cobrowse software. Our enterprise customers demand prompt and effective mitigation when vulnerabilities arise, and Cobrowse has an extensive process to evaluate and patch vulnerabilities according to their criticality level. Please reach out to learn more about our vulnerability management practices.