Security of your content, metadata, and information held within iconik is a highest priority. As an iconik customer you benefit from iconik's security model, infrastructure, compliance to standards and development helps keep you content and related information secure and you in control.
We comply with the latest General Data Protection Regulation (GDPR) across iconik.
Sometimes we need to share user data with third parties in order to deliver a better service. Third parties systems where we remove all user identifiable data include:
- Google Analytics
- Google Cloud
For more information and a detailed list of all subcontractors, please see Appendix 1, section 5 of the Data Processing Agreement.
We do not store credit cards ourselves but utilise Stripe to provide services for managing your billing, credit card information and invoicing. We are PCI-DSS compliant and you can find our PCI-DSS SAQ-A here
iconik has been assessed by external auditors that have CISSP, OSCP, CEH, PCIP, ISO, CISA, CISM, certifications and following methodologies and standards that include NIST SP800-115, PTES, OWASP and Offensive Security. It was concluded that an unauthorized person cannot penetrate the system, and iconik's security mechanisms are state-of-the-art and effective.
iconik's security model is built to provide you control whilst being secure from the outset.