Security & Compliance
Ensuring the security and confidentiality of our customers’ data is the number one priority at servis.ai. The servis.ai Trust Program encompasses and represents the security, compliance, and privacy controls and features that protect our customers’ most sensitive data.
- ISO 27001
- CSA STAR LEVEL 1
- CASA
- GDPR
- HIPAA + BAA INCLUDED
Our Security Program
Our security program is driven not only by a strong culture of security but also by a comprehensive set of policies and procedures that govern and guide our day-to-day activities. servis.ai has adopted a zero trust strategy.
To learn more about servis.ai’s Security and Compliance, you can download the document here:
Data Security
Security matters.
We’ve invested in a better way to protect and safeguard your data. We encrypt your data in-transit and at-rest and use Amazon VPC private subnets.
- Your data is 100% safe
- Your data is 100% secure
- Your data is 100% private
In-Transit Data Encyption
Encryption in transit. All inbound/outbound communication outside of our private data network is always encrypted using secure TLS 1.2/1.3 protocols.
At-Rest Data Encyption
Encryption at REST. Data stored on servers in our private network are always encrypted using secure AWS KMS technology with keys that are periodically rotated, ensuring physical access to disk storage is completely secured.
Continuous Backups
servis.ai Data is continuously backed up and available to be restored in case of potential data loss. Backups are securely stored at REST using AWS KMS technology.
Data Isolation
Data Integrity
Availability
- 100% available: zero downtime, period.
- 100% performant: every tier auto-scales or has ‘infinite’ capacity e.g. Lambda.
- Integration-friendly: every action available through UI also available via well-documented, open APIs.
Continuous Uptime
No Scheduled maintenance downtime, our customers can expect service to be up 24/7 throughout the year.
Redundant Backup
Compute and Data infrastructure is architected to be redundant across physical data center locations, ensuring completely automated disaster recovery for our customers.
Monitored Response Times
The servis.ai platform ensures sub-second response times for >95% of our requests we continually monitor and publish metrics at: status.freeagentcrm.com
Operational Security
Threat Detection
All network traffic to our data centers are continually audited and monitored using advanced intelligent threat detection software.
Policy Management
Strict policies in place for infrastructure configuration management, which are continually monitored with automated alerts for any breaches in established policies.
Consistent Security Audits
We use a combination of automated and periodic 3rd party penetration testing performed by vendors to minimize vulnerabilities.
Application Security
Secure your data from internal risks with custom roles and ACLs.
Simple Security Setup
The servis.ai platform provides one of the most advanced and easy to set up security controls for our customers, with no impact on performance. A feature unique to servis.ai in the CRM industry.
Record Level Access
Read, Create, Update, and Delete operations are based on advanced conditional filters for controlling access to the subset data.
Access and modification operations can be controlled for sensitive data within records themselves.
Role Specific Configuration
Access to navigation, form rules, and automations. All of our platform configurations can be customized to apply to specific sets of roles.
Team Configuration
Hierarchical data visibility setup via teams. Ensure data access is logically separated across different teams in your organization.
Compliance Certifications
ISO 27001 Certification
At servis.ai, we are committed to maintaining a strong information security practice that aligns
with industry standards. Our information security framework is based on the ISO 27001:2013 standard,
which serves as a
comprehensive guide for establishing, implementing, maintaining, and continually improving
information security management systems.
We are proud to announce that servis.ai has achieved ISO 27001 certification, validating our adherence to this globally recognized standard. This certification demonstrates our dedication to protecting the confidentiality, integrity, and availability of information assets, as well as our commitment to maintaining the highest levels of information security across our organization.
As part of this certification, servis.ai undergoes an annual external audit conducted by independent third-party auditors. This audit process rigorously assesses our information security management systems and practices against the ISO 27001:2013 standard, ensuring the ongoing effectiveness and continuous improvement of our information security controls. This annual external audit further reinforces our dedication to maintaining a robust and secure environment for our customers' data.
You can request our ISO 27001 certificate by visiting the following link:
Request Certification
CSA STAR Level 1 Compliant
servis.ai proudly holds CSA Start Level 1 certification, demonstrating our commitment to maintaining
secure and reliable SaaS services.
This certification validates our adherence to industry best practices and ensures the protection of customer data.
For more information or to request our certification, visit:
Request Certification
GDPR Compliant
At servis.ai, we place a strong emphasis on compliance with data protection regulations, particularly
the General Data Protection Regulation (GDPR). We have implemented robust measures to ensure that
our practices align with the requirements outlined in the GDPR.
Furthermore, servis.ai undergoes an annual attestation against GDPR regulations conducted by an independent third-party auditor. This attestation process thoroughly evaluates our adherence to the principles and obligations set forth by the GDPR, such as data subject rights, lawful basis for processing, data protection impact assessments, and data breach notifications. By subjecting ourselves to this annual assessment, we demonstrate our commitment to maintaining the highest standards of data protection and privacy for our customers.
You can request our attestation certificate by visiting the following link:
Request Certification
HIPAA Compliant (BAA Included)
BAA Included
servis.ai is compliant with the Health Insurance Portability and Accountability Act (HIPAA). We
understand the importance of protecting sensitive healthcare information, and we have implemented
comprehensive measures to ensure HIPAA compliance throughout our organization.
To further validate our commitment to maintaining the highest standards of data protection in the healthcare industry, servis.ai undergoes an annual attestation conducted by an independent third-party auditor. This attestation process thoroughly assesses our adherence to the privacy, security, and breach notification provisions of HIPAA. By regularly undergoing these assessments, we continuously strive to uphold the privacy and security of protected health information (PHI) and demonstrate our unwavering commitment to HIPAA compliance.
You can request our attestation certificate by visiting the following link:
Request Certification
Google OAuth Compliance
servis.ai prioritizes the security of our customers' integration data. As part of our commitment, we
regularly undergo compliance assessments with integration partners like Google.
This ensures that our integration processes are fully compliant with Google OAuth standards, providing a secure environment for our customers' data.
You can request our attestation certificate by visiting the following link:
Request CertificationResponsible Disclosure Program
At servis.ai, security is a top priority. If you believe you have identified a security vulnerability in our products, we urge you to promptly report it to us.
If you responsibly submit a vulnerability report to servis.ai, the servis.ai security team will:
- Promptly acknowledge receipt of your report;
- Provide an estimated time frame for addressing the reported vulnerability;
- Notify you when the vulnerability has been resolved
Privacy Policies & Data Handling
Master Subscription Agreement
This subscription service agreement is a legal agreement between you and servis.ai governing your use of the servis.ai Platform, including any applicable free trials.
Product Privacy Policy
This Privacy Policy describes how we collect, receive, use, store, share, transfer, and process Personal Data. It also describes your choices regarding use, as well as your rights of access and correction of Personal Data.
Acceptable Use Policy
This Acceptable Use Policy is designed to ensure compliance with the laws and regulations that apply to any servis.ai Service.