BoldDesk Security and Compliance Overview
BoldDesk takes your privacy, data, and security as our highest priority. Below is an overview of BoldDesk’s security and compliance measures. You can find more detailed information in the links provided.
- SOC 2 Type 2 Certified: BoldDesk is SOC 2 Type 2 certified, demonstrating our commitment to industry-standard security, availability, and confidentiality practices.
- GDPR Compliance: BoldDesk follows GDPR regulations to ensure proper handling and protection of personal data.
- Data Encryption: All customer data is encrypted both at rest and in transit using industry-standard encryption protocols.
- Access Control: We employ strict access control measures, including multifactor authentication and role-based permissions, to safeguard sensitive data.
- Third-Party Sub-Processors: We use trusted third-party sub-processors to help process, store, and secure information. Details about these Sub-processors.
- Data Processing Amendment (DPA): A Data Processing Amendment is available for customers who require it.
- Secure Payment Processing: All payment transactions are securely handled by Stripe, a PCI-compliant payment processor responsible for encrypting and processing credit card information.
- HIPAA Compliance: BoldDesk is a HIPAA‑compliant help desk and ticketing system designed to securely handle Protected Health Information (PHI) for healthcare organizations and business associates. Explore HIPAA Onboarding and Security Guidelines for BoldDesk Users.
For more detailed information, please check: BoldDesk Security and Compliance Details
If you need additional information, please contact your sales representative.
FAQs
1. Does BoldDesk encrypt data and attachments?
Yes. BoldDesk encrypts all customer data and file attachments both in transit and at rest using industry‑standard protocols.
2. Is encryption included by default or requires setup?
Encryption is built in by default—no additional configuration is needed.
3. Can I upload attachments securely?
Yes. Any files added through the agent portal, customer portal, or email are automatically encrypted once uploaded.
4. Do I need HIPAA mode for extra security?
Only if you handle PHI or regulated medical data. HIPAA compliance requires enabling a HIPAA account and signing a Business Associate Agreement (BAA).
