Privacy and Security Center

Selligent strives for the highest standards in personal data privacy and security. Data protection is part of our DNA.

Every year, hundreds of companies use Selligent to collectively deliver billions of powerful customer experiences. So we’ve built our services with security in mind, and we work with our clients to store their data in a manner designed to help them comply with any applicable regulations.

Selligent undergoes annual third-party audits of its data privacy and security practices, policies and procedures. Selligent is ISO27001 and ISO27018 certified. Selligent, Inc. (our U.S. entity) is Privacy-Shield Certified. Selligent has also undergone an assessment of its compliance with the HIPAA privacy rules, is HDS certified in France, and undergoes an annual SOC 2 Type 2 audit.

The EU’s General Data Protection Regulation (“GDPR”), and now the California Consumer Privacy Act of 2018 (“CCPA”), require companies holding the personal data of their customers to implement a number of similar privacy standards. CCPA was closely modeled on GDPR and, although CCPA imposes similar obligations as compared to GDPR, companies that have prepared for GDPR compliance should not assume they have all their bases covered when it comes to CCPA compliance, as there are distinct differences between the laws. GDPR compliance may help with some aspects of CCPA compliance, but companies need to carefully and separately assess the requirements of CCPA and adopt policies and plans accordingly.

How Selligent Enables Privacy Compliance

Selligent provides tools that clients can use to align data collection practices to meet the needs of their CCPA/GDPR compliance plans. Based on core principles such as consent management, data deletion, data portability, and processing restrictions, Selligent provides its clients with access to our Consumer Information Management Tool (“CIM”).

Consumer Information Management Tool

Our online Consumer Information Management (CIM) tool is a self-service interface available to clients using the latest version of our platform. The tool supports consumer privacy regulations, by allowing clients to easily manage privacy requests – from collection or removal of personal information to unsubscribing to communications – all in a few clicks. The tool allows brands to manage personal data across the entire customer profile, to build privacy settings and filters into campaigns, helping automate user preferences in a manner that can be easily managed, regardless of channel or campaign. It allows for consistency throughout the customer relationship and includes capabilities that address Data Subject rights noted in CCPA and GDPR regulations such as:

  • Right to transparent information
  • Right to access data
  • Right to rectification
  • Right to be forgotten
  • Opt-out rights
  • Right to withdraw consent

However, Selligent clients should consult with their own legal counsel to design processes and flows necessary for compliance. It is incumbent upon our clients to make sure their use of our platform and the CIM tool is compliant with any applicable regulations including CCPA and GDPR.

We invest in obtaining top certifications

These certifications confirm that Selligent adheres to high security standards, and that data privacy lies at the core of our values.

  • ISO 27001, ISO 27701 and ISO 27018 Certifications – Selligent is certified globally.
  • SOC 2 Type 2 Audit – Selligent undergoes an annual audit completed by a third-party of AICPA’s System and Organization Controls criteria.
  • HDS Certification – “Hébergement de Données de Santé” (Hosting Health Data) – Selligent has attained HDS certification provided by the French government and health ministry of France, which sets the standard for sensitive health data protection. HDS certification signifies compliance for the secure and safe processing and storage of health data of French nationals.
  • HIPAA Compliance Assessment – A SOC 2 Type 2 report is an independent service auditor’s report that describes a service organization’s system and the suitability of the design and operating effectiveness of controls relevant to security, availability, confidentiality, and privacy.

We offer options to keep data secure

  • Encryption – When handling data imports and exports, Selligent employs ETL (Extract, Transform, and Load) logic using batch processing tasks over SFTP, FTPS, etc. Files can be unzipped and decrypted (PGP) by the processor. We also offer secure rest API transmission. In addition, Selligent offers the ability to encrypt data at rest (charges may apply).
  • User access control and fine-grained access control – Selligent has rigorous processes and security controls in place, including: physical access controls, denial-of-use controls, data access controls, data transmission controls, data entry controls, subcontractor controls, availability controls, and separation controls.
  • Shortened data retention and data minimization – Selligent is able to configure the platform to suit your data storage and purge requirements.
  • Ability to host data in EU if a requirement – For our EU customers, data is hosted in Europe by default. Clients outside of the EU have the option to house data in Europe.

Selligent partners with its clients to store their data in accordance with their needs and the regulations they are subject to.

We offer monitoring and records of processing activities

  • Selligent offers continuous monitoring and robust intrusion detection to ensure that our best-in-class security is constantly maintained.
  • Auditing and monitoring of data movement – Selligent can provide detailed sets of logs. Platform user and API activities are captured, supporting this audit and monitoring processes.

We provide the tools for clients to manage various privacy requirements such as when data subjects:

  • Request to obtain detailed information from the data controller in a structured, machine-readable format.
  • Ask for data to be rectified and/or erased.
  • Ask to not have certain web and app-based behaviors tracked for personalization and targeting.

Selligent Marketing Cloud gives you the tools to manage consent and permissions

  • Flexible forms – The Selligent Marketing Cloud Forms Module is designed to enable forms to be built by those without design experience. Rules and constraints that govern who sees the page, and which content is driven for each page’s users, are set up in a similar way to how dynamic content and segment selection are used throughout the tool.
  • Self-service database structure – Selligent Marketing Cloud sits on an open, relational database model. The structure of the data model can be fully tailored to a client’s specific requirements and allows the addition of new fields without the need for professional services intervention.
  • Connection to your service teams – Selligent Marketing Cloud’s open, relational database model makes it easy to connect with many different CRM systems. Selligent Marketing Cloud also offers its own proprietary application, Frontline, to help make customer service easier via customizable agent forms.

Related Resources

CCPA Addendum to the Data Processing Agreement

Disclaimer: The content on this webpage is intended to share views on marketing good practices. This content should not be construed as legal advice nor relied upon for legal compliance purposes.