Security programs

We take your data security seriously. With the GetWhy platform, you can not only connect with your consumers in an unprecedented way but you can rest assured your data is safe, private, and compliant with all industry standards.

Our security complies with and exceeds the widely accepted security standards. Our solutions are designed to assist you in meeting your compliance needs, and we have implemented stringent security measures at both the architectural and operational levels to ensure the safety of your data.

ISO 27001

We are compliant with the Information Security Management System ISO/IEC 27001 standard.

CIS Controls

We have implemented all Enterprise Level 1 and applicable Enterprise Level 2 CIS benchmarks to handle your sensitive data and ensure security and compliance.

EU data residency

All of the data you share with us is located in Europe, ensuring compliance with data protection regulations and maintaining data within the region.


GDPR is baked into our business processes, security policies, and employee training. GDPR checks are part of our risk assessment and internal audit.

VSA Core

We have completed the Vendor Security Alliance (VSA) Core questionnaire to evaluate and assess the security practices and controls of our third-party vendors and suppliers.

Penetration tests

We routinely stress-test the security of our computer systems, networks, and applications to identify and strengthen any IT vulnerabilities and weaknesses.

Want to know more?

If you want to know more about our security, data collection, and data processing protocols, feel free to contact us, or read our public security declaration.