Security

At MeasureOne, safeguarding the security and privacy of consumer data is a top priority. We implement industry-leading security practices to protect sensitive information throughout its lifecycle—from collection to transmission, processing, and storage.

Below are the core elements of our security framework:

Data Encryption

In Transit

All data transmitted between MeasureOne and external systems is encrypted using TLS (Transport Layer Security) to prevent unauthorized access or interception during transmission.

At Rest

Sensitive data is encrypted at rest using strong encryption standards (AES-256) to ensure that data remains protected even in the unlikely event of a breach.

Data Minimization

Consumer-Permissioned Data:**

MeasureOne only collects the data explicitly authorized by the consumer. No data is accessed or shared without the consumer’s informed consent, adhering to stringent data minimization practices.

Scope Limitation:**

We ensure that only relevant data needed for a specific service or process is accessed, reducing exposure and limiting the risk of misuse.

Compliance and Standards

MeasureOne complies with global data privacy regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We ensure consumers’ rights to data protection, access, and deletion are respected.

SOC 2 Certification

MeasureOne is a SOC 2 Type II organization. Our platform undergoes regular SOC 2 audits, ensuring our controls related to security, availability, processing integrity, confidentiality, and privacy are up to industry standards.

Monitoring and Auditing

Real-Time Monitoring

MeasureOne employs real-time security monitoring to detect and respond to any suspicious activity or potential security incidents. This includes network, system, and application-level monitoring.

Audit Logs

All system and user activities are logged and maintained in secure audit logs, providing a comprehensive record for investigation and compliance purposes. These logs are regularly reviewed to ensure accountability and transparency.

Incident Response

Incident Management Plan

MeasureOne has a robust incident management plan in place, designed to respond quickly and effectively in the event of a security breach. Our team follows a structured process to identify, contain, and remediate security incidents, minimizing potential damage.

Notification Protocols

In the unlikely event of a data breach, we adhere to all legal requirements and notify affected parties promptly, along with any relevant regulatory authorities, in accordance with applicable laws.

Consumer Privacy

Transparency and Control

Consumers are provided with full transparency regarding the data being accessed and shared. They maintain control over which data is permissioned, and can revoke access at any time. You can read about the consumer privacy at here

Data Anonymization

Where applicable, data is anonymized or pseudonymized to further protect consumer privacy while ensuring the functionality of our services.

MeasureOne is committed to continuously improving its security protocols to stay ahead of emerging threats, maintaining consumer trust, and ensuring data privacy and integrity across our platform.