Plannuh Security
Last Updated December 2020
For questions, contact security@plannuh.com
Plannuh treats customer security and privacy with paramount importance. We practice security by design and are trusted to handle the marketing plans, budgets, expense data, and marketing assets of credit unions, private and public banks, major legal firms, and cybersecurity firms in North America, Europe, Asia, and Australia.
Founded in 2017, Plannuh is backed by Glasswing (a Boston-based VC firm), and Gradient (Google’s early-stage VC fund).
How Plannuh connects to your systems
Plannuh runs in AWS. For US customers, its primary site is US Virginia East. For European customers, its primary site is Frankfurt.
Plannuh does not need to connect to your company systems for a successful deployment. All data required to run Plannuh may be entered manually, or through CSV upload
At our customer’s discretion, Plannuh may be integrated to certain technology platforms such as CRM systems and marketing automation systems. Plannuh can provide documentation about each integration upon request.
SOC 2 Type 1 Certified
Plannuh is certified as SOC 2 Type 1 covering Trust Services Principles of Security
GDPR
For our European customers subject to GDPR, Data Processing Agreement (DPA), EU Standard Contractual Clauses, Technical and Organizational Measures, Data Processing Details, and the Sub-Processors List are available at https://www.plannuh.com/gdpr
Strong data encryption
All data is encrypted in transit and at rest with industry-leading encryption algorithms (AES-256, TLS 1.2). Data is backed-up every 5 minutes on average.
Disaster Recovery and Business Continuity
Plannuh has a published Business Continuity Plan and Disaster Recovery Process. Comprehensive BIA is conducted at least annually. The DR team owners are identified and trained.
Security by Design
Plannuh operates under a security-by-design model. Our SDLC is based on OWASP.
Penetration Testing
Plannuh carries out penetration testing with a third-party testing company at least annually.
High Availability
Plannuh is a high availability system. Network and incident status can easily be checked here: https://status.plannuh.com.
Employee background checks
All Plannuh staff undergo background checks as part of the employee onboarding process.
Privacy and Security Training
All Plannuh employees are required to undergo security and privacy training as part of their onboarding process, with annual retraining.
Responsible Disclosure Policy
We welcome the support of the community to ethically identify opportunities to enhance our security. Our responsible disclosure policy can be found here.