Spot's Commitment to Trust

Providing a secure and private place is central to Spot's mission. Our team comes from a background founding and developing secure enterprise software where customer trust is paramount.

Datacenter Security

Spot's production infrastructure is located on our Infrastructure as a Service (IaaS) provider, Amazon Web Services (AWS). AWS has an extensive list of privacy and security certifications and we strive to adhere to AWS best practices.

Data Encryption

Data in Spot is encrypted both at rest and in transit using industry-leading encryption standards.

Voice and Video Security

Voice and video communications are secured using TLS encryption and are not stored on our servers. We currently do not use end-to-end encryption, but this is something we are currently exploring.

Privacy & Safety Features

Our product provides the ability to be configured to meet your operational needs. Roles, permissions, and other features are designed to provide the right level of granularity for control.

Data Recovery

Backups of customer data are performed continuously and securely. We provide a maximum 24-hour Recovery Time Objective (RTO) and Recovery Point Objective (RPO).

Single Sign-On (SSO)

The Spot platform provides SSO using OAuth2 via a variety of identity providers. SAML support is on the roadmap.

Data Privacy

We take privacy seriously and do not sell, share, or export customer data to third parties in any capacity. We collect minimal data to improve our services and satisfy any legal, accounting, or contractual obligation.

Data Deletion

Customers can delete users, messages, and other communications from our system directly within the product. If a customer wants to terminate their relationship with Spot they can request to do so and all their data will be deleted within 60 days.

Employee Security

Spot consists of a relatively small team with very limited access to production infrastructure and customer data. We utilize a change management system to track and control changes to our production environment.

Uptime Transparency(In Progress)

We are working on a status transparency dashboard to provide public and continuously monitored uptime information.

Our Roadmap

We believe the right way to do privacy and security is to prioritize it from the start.

Establish foundational security and privacy practices leveraging past experience.
Build secure initial product offering.
Acquire SOC 2 and ISO 27001 certifications.(In Progress)