Customer Trust Center

Your trust is our foundation. We're committed to maintaining the highest standards of security and compliance to protect your sensitive information and ensure your peace of mind.

Our Security Promise

At SBI Growth Advisory, security isn't an afterthought; it's foundational to everything we do. We understand that you're entrusting us with sensitive business information, and we take that responsibility seriously.

Our security program is designed to protect your data through multiple layers of defense, continuous monitoring, and regular third-party audits. We're committed to earning and maintaining your trust every day.

Security & Protection

Comprehensive security measures across every layer of our technology and operations.

Data Security

We implement industry-leading security measures to protect your sensitive information at every level.

  • End-to-end encryption for data in transit and at rest
  • Multi-factor authentication (MFA) for all user accounts
  • Regular security audits and penetration testing
  • Automated threat detection and response systems
  • Secure data centers with 24/7 monitoring

Infrastructure Security

Our cloud infrastructure is built on enterprise-grade platforms with redundancy and resilience.

  • SOC 2 Type I certified infrastructure and processes
  • Redundant systems and automated backups
  • DDoS protection and network security
  • Regular vulnerability assessments
  • Continuous monitoring and incident response

Access Control

We enforce strict access controls to ensure only authorized personnel can access your data.

  • Role-based access control (RBAC)
  • Principle of least privilege enforcement
  • Regular access reviews and audits
  • Secure authentication protocols
  • Session management and timeout policies

Data Privacy

We respect your privacy and are committed to transparent data handling practices.

  • GDPR and CCPA compliant data processing
  • Clear data retention and deletion policies
  • Privacy by design principles
  • Data processing agreements available
  • Customer data segregation and isolation

Certifications & Compliance

We maintain rigorous compliance with industry standards and regulations to ensure your data is protected.

SOC 2 Type I

Independently verified controls for security, availability, and confidentiality of customer data. Our SOC 2 Type I certification demonstrates our commitment to maintaining the highest standards of security and compliance.

GDPR Compliant

Compliance with the General Data Protection Regulation, ensuring European customer data is handled with the utmost care and in accordance with all applicable privacy requirements.

CCPA Compliant

California Consumer Privacy Act compliance, providing transparency and control over personal information for California residents and meeting stringent privacy standards.

ISO 27001 Aligned

Our information security management system aligns with ISO 27001 standards, demonstrating a systematic approach to managing sensitive company and customer information.

HIPAA Ready

For healthcare clients, we maintain HIPAA-ready infrastructure and can execute Business Associate Agreements to ensure protected health information is properly safeguarded.

Privacy Shield

Adherence to EU-U.S. and Swiss-U.S. Privacy Shield frameworks for the transfer of personal data from the European Union and Switzerland to the United States.

Certifications & Compliance

We maintain rigorous compliance with industry standards and regulations to ensure your data is protected.

Data Protection

We use encryption, access controls, and secure protocols to protect your data from unauthorized access, disclosure, or theft.

Transparency

We're open about what data we collect, how we use it, and who we share it with. No hidden practices or surprise data usage.

Your Rights

You have the right to access, correct, delete, or export your data. We make it easy to exercise these rights at any time.

Frequently Asked Questions

How do you protect my data?

We use multiple layers of security including encryption, access controls, network security, and continuous monitoring. All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. We also conduct regular security audits and penetration testing to identify and address potential vulnerabilities.

Who has access to my data?

Access to customer data is strictly controlled and limited to authorized personnel who need it to provide services. We enforce the principle of least privilege and use role-based access control. All access is logged and regularly audited. Our team members sign confidentiality agreements and undergo background checks.

Where is my data stored?

Your data is stored in secure, SOC 2 certified data centers within the United States. We use enterprise-grade cloud infrastructure with redundancy and automated backups. Data is replicated across multiple availability zones to ensure high availability and disaster recovery capability.

How long do you retain my data?

We retain customer data only as long as necessary to provide services and comply with legal obligations. When you request deletion, we remove your data from our active systems within 30 days and from backups within 90 days. You can request data deletion at any time by contacting our support team.

Do you share my data with third parties?

We do not sell or rent customer data to third parties. We only share data with service providers who help us deliver our services (such as cloud hosting providers) and who are contractually obligated to protect your data. We carefully vet all service providers and ensure they meet our security standards.

How do I report a security concern?

If you identify a potential security issue, please contact us immediately at security@sbigrowth.com. We take all security reports seriously and will investigate promptly. We also welcome responsible disclosure of any vulnerabilities you discover.
