Compliance and Privacy

Personal Data Privacy

boostCX complies with CCPA, PIPEDA and other strict privacy laws regarding data protection. Additionally, all personal data or personally identifiable information (PII) in the boostCX platform can masked so that is only viewable through specified role-based access rights.

Certified Security

Certified extensive security programs for protecting our clients’ data, including ISO 27001 and SOC 2 security certifications.

Data Protection

Encryption at rest and encryption in transit to ensure data protection. boostCX supports industry standards such as OAuth 2.0 for authentication to APIs. Information in transit is encrypted with TLS for all services (HTTPS, SFTP).

Data Access Controls

boostCX supports two-factor authentication and Single Sign-On (SSO) integration with customer’s identity systems using industry standards.

Opt-Out

boostCX provides opt-out links in its email survey invitations and supports SMS requests to stop communications. These prevent additional survey invitations to our clients’ customers who do not want further communications.

Data Retention

Data retention policy ensures personal Information is only retained for as long as you use the services we provide, as long as needed to carry out our legitimate business function. All customer data is purged on service termination.