We're committed to data security and privacy.

Iteratively recognizes the importance of security and has prioritized a sound security and privacy posture since its founding. The Iteratively service runs on world-class, modern cloud infrastructure operated by 3rd party providers with consistently excellent security track records like Heroku and AWS. It is operated by a small team of engineers that have managed enterprise-grade SaaS services at scale at startups and Fortune 100 companies alike and who understand ensuring the safety and privacy of customer data must underpin every step in our process.

Scroll down for information about specific security practices, and read our privacy policy, terms of service, and cookie policy.

Please email if you have any questions.

Network and application security
Data is always transmitted over encrypted connections (TLS 1.0-1.2) and stored encrypted at rest (AES-256).
Full logical separation of development and production environments, with named, dedicated accounts for each.
Infrastructure is automatically monitored to verify it’s configured securely, has the latest security patches, and all activity by employees is logged.
Development is done using industry-wide best practices including automated and manual testing, code reviews, continuous deployments, production logging and alerts, and regular performance benchmarking.
Product security
All projects go through a security-design review prior to kickoff and an audit prior to being released.
Admins can enable SSO via Google. Users will never need to set up a password to log in to their account.
Company security
All employees complete annual security and awareness training.
Your data is yours to own and we will never share or sell your data.
Internal policies and rules restrict access to customer data to authorized team members for customer support and debugging reasons only.
Iteratively has appointed a Data Protection Officer to oversee our ongoing compliance efforts.
GDPR compliance

We play our part in protecting our customers’ privacy and personal data and have appointed a Data Protection Officer to oversee our ongoing compliance efforts.

Data privacy practices

Iteratively complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework for processing and transferring customer data.

SOC 2 Type 2
In Progress

Iteratively has started the process of SOC 2 Type 2 certification. This will demonstrate that our security policies, measures, and procedures rigorously protect customer data.