TextExpander Security
Enterprise-grade security to keep your data safe.
We employ a number of different security features and
practices to protect you and your organization’s data.
SOC 2 and SOC 3
TextExpander maintains a SOC 2 and SOC 3 security certification, and our app and database servers run atop SOC 2 and SOC 3 certified infrastructure. TextExpander undergoes regular third-party independent security audits, and we can provide our SOC 2 and SOC 3 report upon request.
Standardized communication
GDPR-compliant. CCPA-compliant. We promptly handle privacy-related requests, including erasure (“right to be forgotten”). We list our sub-processors and the business purposes for which we employ them.
People
Security training is an important part of both onboarding new staff and continuing education. Staff with access to customer data undergo background checks. TextExpander is engineered using a secure software development lifecycle process.
Policy
TextExpander maintains detailed security policies, including but not limited to: Access Control, Backup & Restoration, Change Management, Data Integrity, Incident Management, Network Security, Risk Assessment, and Server Security.
Reliability
TextExpander strives for no unscheduled downtime, and TextExpander performs its primary function (expanding snippets) even when offline. We’re transparent about our system status. We maintain business continuity and disaster recovery plans.
HIPAA Compliance
TextExpander is compliant with HIPAA (Health Insurance Portability and Accountability Act) Security, Privacy, and Breach Notification rules. For more information, or if you require a BAA, you can learn more here.
Have more security questions? Visit our Trust page.
Have an ethical vulnerability report? Let us know.