Skip to content
Tome

Secure by design.

At Tome, security and privacy are foundational to everything we do. With our SOC 2 Type I certification and a proactive approach to safeguarding data, we are committed to protecting your information.

Security measures

Data encryption

All customer data is encrypted using AES-256 encryption at rest and TLS 1.2+ in transit to prevent unauthorized access during storage or transmission.

Access controls

We enforce role-based access controls (RBAC) to ensure only authorized personnel can access sensitive information. Multi-factor authentication (MFA) is required where available across our organization.

Continuous monitoring

Our systems are continuously monitored for potential threats. We leverage advanced tools and monitoring solutions to identify and respond to anomalies in real time.

Regular penetration testing

We conduct regular penetration testing through third-party experts to identify and address vulnerabilities before they become risks.

Privacy practices

Transparency

We believe you have the right to know how your data is collected, used, and stored. Our privacy policy outlines every aspect of our data handling practices.

Purpose-limited data collection

We only collect the data necessary to provide you with exceptional service and nothing more.

Data anonymization

Whenever possible, we anonymize or pseudonymize data to enhance its security and limit exposure.

Certifications & compliance

SOC 2 Type I

Independently verified to meet the rigorous requirements of the AICPA Trust Services Criteria.

SOC 2 Type II (in progress)

Our platform is actively undergoing a thorough evaluation to ensure SOC 2 Type II compliance with the AICPA Trust Services Criteria.

Incident response

Rapid detection

We use advanced monitoring tools to detect threats and anomalies immediately.

Defined protocols

Our incident response framework ensures swift containment and minimal disruption.

Customer communication

We believe in transparency. If an incident impacts your data, we will notify you promptly and provide regular updates as we resolve the issue.

Set up a meeting to get started.