Trust & Safety

Security and Compliance at Crowdship

We value privacy and handle personal information accordingly. Our merchants and partners can trust that we have taken steps to adhere to privacy standards and laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Building security into everything we do

Security is at the center of how we do business every day to protect your data. We have integrated and continue to develop rigorous security activities across our platform, including software development practices, processes, and tools to keep your information safe.

Born in the cloud

Industry-leading protocols, including SOC 2 adherence and data encryption at rest, keep your retail shop or marketplace secure and robust.

Active bug bounty program

We maintain an active bug bounty program and contract with third-party organizations to conduct regular security tests to validate the effectiveness of our security controls.

Internal audit

Our internal audit process routinely monitors system activity, data access, and partner behavior to ensure compliance, detect anomalies, and maintain platform integrity.

Adhering to industry standards

Crowdship services are cloud-native applications running on Digital Ocean Cloud Services. Our platform was designed with an emphasis on availability and resilience. Our recovery strategy leverages Digital Ocean infrastructure by utilizing regions and zones, as well as inter-region capabilities, to achieve our Recovery Time and Recovery Point Objectives (RTO and RPO).

SOC1 Type I and II

In addition to the compliance and security provided by our hosting infrastructure, Crowdship is built in alignment with leading industry standards to help keep your data safe. All payment processing is handled through PCI DSS Level 1 certified providers, and our internal controls follow the SOC 2 Trust Services Criteria.

PCI DSS/ISO 27000 & 27001

Our services are maintained and hosted on the Digital Ocean Cloud Services platform, which complies with an independently verified set of standards and frameworks (for example, PCI DSS, SOC 2 & 3, ISO 27000).

ADA Compliance

We also take active steps to monitor that our platform is usable by all individuals and review compliance with relevant standards, including the Americans with Disabilities Act (ADA).

OPSEC Risk Assessment & Prevention

Crowdship performs a vulnerability assessment and penetration testing (VAPT) assessment on a quarterly basis.

Operational security

We have designed and continue to make significant investments in operations to achieve optimum security and ongoing compliance of our services. We combine automation and skilled reviewers to filter intelligence from many sources to determine the necessary course of action. Our operating procedures include:
24/7 incident handling with defined escalation paths
Data encryption (including TLS and AES-256) at rest and in transit
Secure system access management with multi-factor authentication
Maintenance and backup procedures