Enterprise-grade security for the safety of your business
Giift prioritizes robust security measures to ensure a safe and secure experience. Our solutions are designed to protect and scale your business operations efficiently while ensuring the privacy and security of your customer data.
Trusted by over 3000 enterprises across the globe
Our compliance certifications
.svg)
ISO 27001 ISMS
Information Security
Management System
Our compliance with ISO 27001 affirms our commitment to securing information through a strong information security management system. Our processes help manage information security risks, protect data, and continuously improve security practices.
.svg)
SOC 2
SOC 2 Type 1 &
SOC 2 Type 2
The SOC 2 reports ensure that we have controls in place to process and manage data, affirming Giift’s high standards in managing data based on five "trust service principles"—security, availability, confidentiality, processing integrity, and privacy.
ISO 14001
Environmental
Management System
The ISO 14001 certification underscores Giift’s dedication to environmental sustainability. We are committed to continuous improvement in our environmental performance, ensuring eco-friendly operations and practices.
GDPR
General Data
Protection Regulation
We conduct regular sensitization programs for our technology and operations to ensure adherence to all the key privacy principles: Accountability, Privacy by Design and Default, Data Minimization, and Subject Access Rights.
.svg)
CCPA & CPRA
California Consumer Privacy Act & California Privacy Rights Act
Our compliance with CCPA and CPRA ensures privacy of sensitive personal information (SPI) and personal information (PI) that are regulated separately to strengthen the rights of residents of California.
HIPAA
Health Insurance Portability and Accountability Act
Giift’s compliance with HIPAA portrays our commitment to protecting sensitive health information. We employ robust safeguards while handling medical information, providing organizations with the necessary confidence in our systems.
Additional security features
Regular Vulnerability Tests (VAPT)
Through regular comprehensive testing, we identify potential security vulnerabilities and mitigate them proactively, ensuring our platform remains resilient against evolving cyber threats.
Seamless Secure SSO
Streamline user access with our Single Sign-On (SSO) capability, enabling seamless authentication across multiple services and systems while enhancing security and user experience.
Enhanced 2FA
We employ robust authentication mechanisms paired with two-factor authentication (2FA), adding an extra layer of security to verify user identities and prevent unauthorized access.
Data Location Control
Our multi-region deployment capabilities ensure that your service remains robust and compliant across geographical locations, with data residing in the location of your choice.
Secure On-Premise Deployment
For enterprises requiring maximum data control, we offer on-premise deployment options for some of our products, aligning with their internal compliance and security policies.
Role-Based Access Controls
With RBAC, you can define and restrict system access based on individual roles within your organization, ensuring users see only what they need to perform their jobs.
Encrypted Connections
Our products uses HTTPS with TLS/SSL protocols to create a secure, encrypted connection for all data transfers, safeguarding against interception and tampering.
.svg)
Traceability with Audit Trails
Maintain detailed audit trails for all system and data interactions, which are crucial for compliance, monitoring, and security forensic analysis.
Secure Data Integration
Seamless integrations with your CRM, data warehouses, and data lakes via secure channels like SFTP, HTTPS, OAuth-Authorized REST APIs, and Site-to-Site VPN Tunnels.
Frequently asked security and compliance questions
1. Where is my data stored? Can I choose where my account and data will be located?
Yes, we offer enterprises the optional flexibility to decide where they want their data to be. In most cases, our infrastructure can accommodate special implementations as per the enterprise’s requirements.
2. If we have specific security and privacy settings requirements, would it be possible to incorporate that in Giift’s solutions?
You can reach out to a Giift representative to check for specific requirements. We are compliant with a wide range of internationally recognized standards, and will be open to evaluating any specific requests.
3. Can we get a copy of Giift’s compliance certificates and reports?
Yes, you can reach out to a representative to request this information. However, the following resources may require an NDA on file: SOC 2 Compliance Report, Vulnerability Assessment and Penetration Test (VAPT) Summary, California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA) Report, Health Insurance Portability and Accountability Act (HIPAA) Report, GDPR Data Privacy Impact Assessment Report.
.webp)
.webp)
.webp)
.webp)
.svg)
.webp)
.webp)
.svg)
.webp)
