It would be great if tawk.to obtained either (or both) SOC 2 or ISO 27001 security certification. An organization I work at doesn’t allow usage of products without at least one of those certifications due to our various client contracts. There are likely other companies out there similar.
Hi @gatormain, thanks for reaching out.
We are planning to seek SOC2 and ISO certification in the future, however, we don’t currently have an ETA.
Let us know if you have any other questions.
Regards,
Kristaps
Hi @kristaps ,
Do you have any updates on this? Could you please clarify where the infrastructure is hosted and where user data is stored, given that it involves personal information?
Regards
Hi @Samuelgoes, thanks for your message.
We do not currently hold ISO or SOC 2 certification. However, we are working with a compliance partner to achieve these standards. The process is already underway, and we will provide updates as we reach key milestones.
Regarding your second query: data is securely stored on Google Cloud Platform (GCP) in Google data centers located in the USA. We also make use of a global Content Delivery Network (CDN) to ensure fast, reliable delivery. While data at rest remains in the USA, it may transit across regions depending on where agents and visitors access the service.
We recognise the importance of data residency, and we’re developing a solution that will give customers the ability to choose where their data is stored in the future.