Security & Trust Center
Published on: January 11, 2025
At Assortment Analytics, we are committed to ensuring the highest standards of information security across all our operations, products, and services. Our management team is dedicated to implementing robust security measures to safeguard sensitive data and protect the integrity of our AI-powered analytics systems. We prioritize continuous improvement and compliance with industry best practices, regularly reviewing and enhancing our security protocols to address evolving threats. At every level of our organization, we recognize the critical importance of information security and are steadfast in our efforts to maintain the trust and confidence of our customers and stakeholders.
Our commitment to security is evidenced through third-party compliance, certifications and reports across our products, such as ISO/IEC 27001, SOC 2, CSA STAR, GDPR, CCPA, and industry-specific frameworks for retail and CPG data protection.
Enterprise Security
Multi-layered security architecture with advanced threat protection and continuous monitoring
Data Protection
End-to-end encryption and secure data handling for all customer information and analytics
Compliance
Rigorous adherence to international standards and regulatory requirements
Security Framework
Information Security Management
ISO/IEC 27001 Certified
International standard for information security management systems
SOC 2 Type II Compliant
Audited controls for security, availability, processing integrity, confidentiality, and privacy
CSA STAR Certified
Cloud Security Alliance's Security, Trust & Assurance Registry
Privacy & Data Protection
GDPR Compliant
Full compliance with European General Data Protection Regulation
CCPA Compliant
California Consumer Privacy Act compliance for data protection
Industry Standards
Retail and CPG industry-specific security frameworks
Security Measures
Infrastructure Security
- Multi-tenant cloud architecture with isolation
- Automated security patching and updates
- DDoS protection and traffic filtering
- 24/7 security monitoring and alerting
Data Security
- AES-256 encryption at rest and in transit
- Secure key management and rotation
- Data backup and disaster recovery
- Secure data deletion and retention policies
Access Control
- Multi-factor authentication (MFA)
- Role-based access controls (RBAC)
- Single sign-on (SSO) integration
- Privileged access management
Network Security
- Virtual private networks (VPN)
- Firewall protection and segmentation
- Intrusion detection and prevention
- Secure API endpoints and authentication
AI Security
- Secure model training and deployment
- Data anonymization and privacy protection
- AI bias detection and mitigation
- Explainable AI and transparency
Compliance & Auditing
- Regular security assessments and audits
- Compliance monitoring and reporting
- Incident response and breach notification
- Third-party security evaluations
Security Certifications & Compliance
Certifications
ISO/IEC 27001:2022
Information Security Management System
SOC 2 Type II
Security, Availability, Processing Integrity, Confidentiality, and Privacy
CSA STAR Level 2
Cloud Security Alliance Security, Trust & Assurance Registry
Compliance Frameworks
GDPR
General Data Protection Regulation (EU)
CCPA/CPRA
California Consumer Privacy Act
Industry Standards
Retail and CPG data protection requirements
Incident Response & Business Continuity
Security Incident Response
24/7 Security Operations Center
Continuous monitoring and immediate response to security incidents
Incident Response Plan
Structured approach to detecting, analyzing, and responding to security events
Customer Notification
Timely communication of security incidents affecting customer data
Business Continuity
High Availability Architecture
Redundant systems and failover capabilities for continuous service
Data Backup & Recovery
Regular backups with tested recovery procedures
Disaster Recovery
Comprehensive disaster recovery plan with regular testing
Third-Party Security
We work with carefully selected third-party service providers who share our commitment to security and compliance. All third-party vendors undergo rigorous security assessments and must meet our security standards.
Vendor Security Requirements
- Security questionnaires and assessments
- Compliance with industry standards
- Regular security audits and reviews
- Data processing agreements with security clauses
Ongoing Monitoring
- Continuous security posture monitoring
- Incident notification requirements
- Regular compliance reporting
- Performance and availability monitoring
Security Contact Information
For security-related inquiries, incident reporting, or questions about our security practices:
Security Team
Compliance Team
Email: compliance@assortmentanalytics.com
General Inquiries: info@assortmentanalytics.com
Assortment Analytics, LLC
1000 Brickell Ave
Miami, FL 33131
United States