From the start, security has been a top priority at Sapling. This is reflected from the ground up in our infrastructure, systems, and procedures.
As we service enterprise clients in the U.S. and internationally, we ensure that we (1) follow the latest security practices, (2) seek external testing and audits, and (3) provide customizable cloud and self-hosted/onprem offerings.
Sapling uses TLS encryption for data in transit and AES-256 encryption for data at rest.
Our servers are located in a private network with default deny configuration.
Access to data is restricted and data is only processed on our private networks.
All Sapling employees are undergo privacy and security training.
Please contact us for detailed data policies and procedures.
Sapling undergoes annual external testing, and is also SOC 2 Type II certified. Contact us for detailed reports and documentation.
Sapling additionally supports customers who require HIPAA and/or PCI compliance.
firstname.lastname@example.org with any other questions or concerns.