Security Policies

Our commitment

Your user
data is safe

Secure Servers
Kinfolk's services are built on industry-leading technologies such as Amazon Web Services (AWS) to ensure the highest grade security of client data and best-in-class scalability.
IS027001 Certified
Continuous monitoring provided by Sprinto.
Visit our trust center.
GDPR & CCPA
We comply with the CCPA and GDPR.

We take user security seriously and think about it in every aspect of the product. If you notice a security issue or have a question or concern, you can reach out to us at security@kinfolkhq.com and we'll respond as soon as possible. We currently do not have a bug bounty program.

SECURE USER DATA
Kinfolk's user data is protected by AES-256 encryption at rest and in transit between our customers and us, and between us and our service providers (TLS 1.2+).
Additionally, strict identity and access management policies (such as single sign-on) ensure client data remains protected at all times.

CERTIFICATIONS
Kinfolk is ISO27001 Certified and GDPR compliant. If you'd like to sign a Data Processing Agreement (DPA), please send us an email with the information we need to send you the DPA.

FAQ
Who are our Sub-processors of data?
Please email kim@kinfolkhq.com to request the list

Would you like to see any of the following policies?
- Information Security Policy (including Incident Response, Remediation, Disaster Recovery)
- Software Development Lifecycle Policy
- Data Classification Policy
- Third Party Vendor Risk Management Policy

Visit our Trust Center to understand more about our security measures.

What is our Privacy Policy?
See here

If you think you may have found a security vulnerability, please get in touch immediately at kim@kinfolkhq.com