Ensuring your data privacy across all parts of our business.
Trust Is Our Top Value
Security and Privacy Compliance
Operative maintains a comprehensive security and privacy program that coordinates people, processes, and technology to protect our products and customer data. Our program focuses on safeguarding the confidentiality, integrity, and availability of our services, and we implement a variety of controls to maintain these tenets.
Operative’s security, privacy and data protection program begin with strategic information security policies defined and supported by Operative’s Chief Information Security Officer, Chief Privacy Officer and Executive Management. We proactively manage and monitor security risks, promotes security through process maturity and effective system architecture.
Operative maintains an ISO 27701 certification based on its effective data privacy management program with respect to its processing of personally identifiable information.
Under applicable data protection laws, you may have certain rights relating to your personal data. Please see our privacy notice for more information about these rights. To exercise these rights please complete the form available here.
Operative engages third-party service providers (subprocessors) in connection with our service offerings. To learn more about Operative’s subprocessors please see our subprocessor list available here.
Compliance and Certifications
Information Security Management System
Code of practice for information security controls based on ISO/IEC 27002 for cloud services.
Privacy Information Management
SOC 1 Type 2
SOC 2 Type 2
Operative’s cyber security is focused on continuously improving alignment and support of business operations while ensuring that our customers’ data is safe and secure. Operative’s security and privacy program includes a combination of data protection technologies, practices, and safeguards. Our team continues to strengthen fundamental mechanisms and processes so customers can rely on Operative’s products with confidence.
Developing Secure Platforms
Operative contemplates and implements security within the design of its products at multiple levels to prioritize security and privacy principles and measures Specifically, Operative’s development process includes software composition analysis, static code analysis, dynamic code analysis vulnerability assessment, and penetration testing.
Our SaaS services are developed and deployed in a reliable manner leveraging cloud hosting platforms. Multiple Availability Zones and geographically separated environments are used to support Operative’s SaaS environments to provide redundancy to Operative platforms, and we continuously monitor performance metrics for all of the infrastructure components.