Security and compliance at Argyle

We’re serious about safeguarding data

Protecting personal information is our top priority. For the sake of our users and customers, we don’t compromise or cut corners when it comes to data security. As part of that commitment, we operate with the utmost transparency. The following overview provides a high-level look at the ever-evolving security practices we have in place.

We’re compliant with the highest security and privacy standards

SOC 2 Type II – Argyle has completed a SOC 2 Type II examination for security, availability, and confidentiality and is audited annually. SOC 2 Type II is the most comprehensive certification within the Systems and Organization Controls (SOC) protocol. Our successful SOC 2 Type II examination attests to our stringent compliance with these standards over a six-month look-back period. The report is available, upon request, for review by existing customers and prospects. As the information is confidential, we require a signed NDA to review the report.

We encourage responsible disclosure

If you discover vulnerabilities in our application or infrastructure, we ask that you alert our team by contacting [email protected]. We also publish industry standard security.txt, including our PGP key, if you prefer encrypted communications. We will do our best to respond quickly as possible to your submission.

If you are investigating a potential vulnerability, we would appreciate it if you would: (1) avoid automated testing and only perform tests using your own/dummy data; (2) include a proof of concept in your email to us; (3) not disclose information regarding a vulnerability until we fix it.

Note that our bug bounty program is currently closed and we are not looking for new security researchers. We won’t pay rewards to anybody who is not part of the program.