Faraday can't operate without your data, so securing it is our top priority. We have been in business since 2012 and have handled hundreds of brands' PII data.
As stated in our Terms, your company data is only used to generate your company's predictions. Any data you provide to us is logically isolated to your account and does not benefit other accounts.
Faraday has an active HackerOne penetration testing and bug bounty program.
Faraday has a NIST 800-53 risk management program that is assessed every quarter by the Faraday risk committee, comprising senior executives and the CEO.
Faraday is compliant with the California Consumer Privacy Act. We will sign Data Protection agreements. We will respond to data access, do-not-sell, and data deletion requests.
Faraday is compliant with the Health Insurance Portability and Accountability Act. We will sign Business Associate Agreements.
Faraday is compliant with the European General Data Protection Regulation. We will sign Data Protection agreements. We will respond to data access, do-not-sell, and data deletion requests. Our method of compliance is to immediately delete all European data as soon as it comes into our possession.
Your data is encrypted at rest and in transit. Unencrypted access is disabled.
- Our app and API run in Google Cloud Platform. They are private nodes served by Google Load Balancers, which are themselves behind a restrictive Web Application Firewall (Google Cloud Armor).
- Our database is Google Cloud SQL and is not accessible to the public internet.
- Our data warehouse is Google BigQuery.
We require PII to match your data into our Faraday Identity Graph containing data about more than 270 million US adults. This can be any combination of:
- plaintext name
- plaintext physical address
- plaintext phone
- plaintext email
- SHA-256 hashed lowercase email
Updated 2 months ago