Guru has been built from the ground up with security in mind. Our founding team has decades worth of experience building out cloud data integration systems for some of the largest enterprises in the world with industry leading security measures.
Guru uses an independent third party to conduct a SOC 2, Type II audit on its knowledge management system. This audit covers the SOC 2 Common Criteria and the Confidentiality and Privacy trust services criteria. We’re happy to share this report with clients or prospects with a signed non-disclosure agreement on file.
Guru fully adheres to the spirit and the letter of the EU’s General Data Protection Regulation (GDPR). By developing policies and mechanisms to address data subject rights and third party contractual obligations, Guru meets the requirements called out by the US Department of Commerce Privacy Shield program. Find us here.
Guru does not process PCI data, but uses a third party for payment purposes. Accordingly, Guru conducts an annual Self Assessment Questionnaire (A-EP) and leverages the Trustwave “Trustkeeper” program to conduct monthly network scans against all of Guru’s public facing connections.
Guru takes the data handling of our EU customers seriously. Before the GDPR became enforceable in May 2018, we'd already added multiple processes to our security control framework and required our subprocessors to commit to security minimums through Data Processing Agreements. We're ready to meet data subject requests wherever and whenever they happen.
He worries about security so that you don't have to.
Learn more about Wes's role in security at Guru on our blog.
Now how about them digits?
Want a quick run-through right now?
Watch this Guru Overview Video!