We are security people at heart ❤️
That's why we are building our company and services to be highly secure and trustworthy from the start.
Nudge Security at a glance
Learn how we protect your data and trust with our privacy, security, and compliance practices.
Serious about privacy
Your data belongs to you. We make it simple for you to manage your data and privacy rights while using our services, in accordance with the GDPR and CCPA.
Secure by design
As a security startup, we are taking a security-first approach as we build each facet of our service and company. It's what we've always dreamed of.
Certified at the start
That's our goal, and it's why we already have our SOC 2 certification. Our GDPR efforts are underway.
Security program overview
We build with a security-first approach from design to deployment, ensuring that we have the right infrastructure, automation, and monitoring to protect your data.
Data security
We encrypt data at every point in transit with TLS v1.2+ and at rest with AES-256. We conduct regular data backups and third-party risk reviews. We make it easy for you to fully erase your data.
Identity and access
We enforce a least-privilege model, strict password security, access logging, MFA and SSO for access to sensitive data and resources.
Application security
Our development best practices include continuous code analysis, vulnerability scanning, and secrets management. For responsible disclosure, please notify us at security@nudgesecurity.com.
Infrastructure security
We build with microservices and serverless architecture in AWS. We implement least-privileged access, logical tenant separation, and continuously monitor all environments.
Ask us anything. This is our favorite topic.
If you don't find the answer to your question below, please chat with us or drop us line at security@nudgesecurity.com.
Where can I learn more about your product security?
In addition to the information on this page, please visit our Safebase site where you can request access to our security reports and subscribe to updates. Because we are in a period of invite-only early access, we are not publicly posting too much information about our services at this time. However, we are sharing information freely with our early access launch team. Get started with our early access program to chat with us about our product security at length.
Will you complete a security or compliance questionnaire?
Yes, for our early access development partners and early customers, we can fill out a required security or compliance questionnaire upon request.
Where can I learn more about how you store and process my data?
We are glad you asked! Ever single person in our organization is committed to upholding your data privacy rights. You decide what information you share with us, how we can store and process it, and how we can communicate with you. To learn more, including how to update your preferences, please read our Privacy Policy and Terms of Use.