Reflecting our commitment to providing best-in-industry security practices and building on the trust of our customers, Tracer completes annual SOC 2 Type 2 audits.
These rigorous independent audits, based on the AICPA’s Trust Service Criteria, test the operating effectiveness of our systems as they relate to security, processing integrity, confidentiality, and privacy. Successfully completing a SOC 2 Type 2 audit provides our customers with the assurance that an independent assessment has confirmed our ability to keep their data secure and meet the requirements of applicable privacy laws. The audit reports include a description of our trust services and controls, as well as the auditors’ opinion on the suitability of the design and operating effectiveness of our security and confidentiality practices.
Independent Data Security Assessment
Tracer has also undertaken an independent assessment of its privacy and security safeguards over the data we collect on behalf of our global customers. Not only is the protection of personal data required by an increasing number of countries and jurisdictions, but we believe that conducting this deeper analysis of our internal controls further demonstrates our commitment to protecting our customers.
EU-US and Swiss-US Privacy Shield Framework
Tracer has certified to the U.S. Department of Commerce that we adhere to the Privacy Shield Principles within the EU-US and Swiss-US Privacy Shield Framework regarding the collection, use, and retention of any personal information from European Union member countries, the United Kingdom and Switzerland. To learn more about the Privacy Shield Principles, visit here. Although recent court rulings have stated that companies can no longer rely on the Privacy Shield as a cross-border transfer mechanism, we have continued to maintain our Privacy Shield certification. We have also implemented GDPR Standard Contractual Clauses along with other appropriate transfer mechanisms by agreement with our customers.