Last Updated December 2020
For questions, contact email@example.com
Plannuh treats customer security and privacy with paramount importance. We practice security by design and are trusted to handle the marketing plans, budgets, expense data, and marketing assets of credit unions, private and public banks, major legal firms, and cybersecurity firms in North America, Europe, Asia, and Australia.
Founded in 2017, Plannuh is backed by Glasswing (a Boston-based VC firm), and Gradient (Google’s early-stage VC fund).
How Plannuh connects to your systems
Plannuh runs in AWS. For US customers, its primary site is US Virginia East. For European customers, its primary site is Frankfurt.
Plannuh does not need to connect to your company systems for a successful deployment. All data required to run Plannuh may be entered manually, or through CSV upload
At our customer’s discretion, Plannuh may be integrated to certain technology platforms such as CRM systems and marketing automation systems. Plannuh can provide documentation about each integration upon request.
SOC 2 Type 1 Certified
Plannuh is certified as SOC 2 Type 1 covering Trust Services Principles of Security
Strong data encryption
All data is encrypted in transit and at rest with industry-leading encryption algorithms (AES-256, TLS 1.2). Data is backed-up every 5 minutes on average.
Disaster Recovery and Business Continuity
Plannuh has a published Business Continuity Plan and Disaster Recovery Process. Comprehensive BIA is conducted at least annually. The DR team owners are identified and trained.
Security by Design
Plannuh operates under a security-by-design model. Our SDLC is based on OWASP.
Plannuh carries out penetration testing with a third-party testing company at least annually.
Plannuh is a high availability system. Network and incident status can easily be checked here: https://status.plannuh.com.
Employee background checks
All Plannuh staff undergo background checks as part of the employee onboarding process.
Privacy and Security Training
All Plannuh employees are required to undergo security and privacy training as part of their onboarding process, with annual retraining.
Responsible Disclosure Policy
We welcome the support of the community to ethically identify opportunities to enhance our security. Our responsible disclosure policy can be found here.