We protect your privacy
At AvePoint, we respect each individual's right to personal privacy. We are committed to developing, implementing, and maintaining appropriate administrative, technical, and physical safeguards within the products and services we provide and within our own systems. This ensures the security and confidentiality of personally identifiable information (PII) as well as confidential and proprietary information. We actively protect this information from anticipated threats and hazards as well as unauthorized access or use.
We’re constantly working to improve, so if you notice something in our products and services that does not work the way you would expect when it comes to privacy or security, please let us know.
Privacy at AvePoint
Our Commitment to GDPR
AvePoint is committed to protecting the privacy and security of the personal information of our customers and employees. Like many of our customers, AvePoint works hard to ensure our privacy and security programs meet the highest standards of data protection including those outlined in the EU General Data Protection Regulation.
This is not a new effort for us, but rather a continuation of an existing company commitment to transparency with our customers and employees regarding our data collection, use, retention and sharing practices. This is also a continuation of our commitment to implement appropriate technical security measures to protect all AvePoint stakeholders.
AvePoint builds on the foundation and discipline necessary to develop and support some of the leading privacy and security products in the world. As part of our Privacy and Security Program we have implemented a governance structure through which we engage senior management on data privacy and security issues, align policies, procedures and technical controls to demonstrate our process and our commitment to our customers and users, and train each of our employees on all privacy and security expectations. Further we have extended embedded privacy and security by design into our product life cycle processes, and we have implemented a program to manage third-party risk.
The implementation of such compliance driven programs is not new to AvePoint and we remain fully committed to approaching this initiative diligently with the utmost focus on securing and maintaining customer trust.
Should you have questions about any of our security, privacy or compliance programs, please feel free to contact us email@example.com.
Security at AvePoint
To request a copy of any of our security assessments or reports, please email firstname.lastname@example.org, and indicate which report(s) you would like to receive.
AvePoint has received ISO 27001:2013 certification with respect to secure software development and maintenance process including support business functions like Infosec, IT, HR, Sales and Marketing, Project Management, Operations and Call Center.
SOC2 Certification for Service Organizations
AvePoint has earned the System and Organization Controls (SOC) 2 Type II certification that covers AvePoint Online Services (AOS), AvePoint Migration Platform (AMP), DocAve, Compliance Guardian, Governance Automation, and Records, that collectively migrate, manage, and protect data across cloud and on-premises collaboration systems.
The SOC 2 Type II audit and attestation, conducted by an independent CPA firm, confirms that AvePoint meets the strict information security and privacy standards for the handling of highly sensitive customer data established by the American Institute of Certified Public Accountants (AICPA). Our report is issued by independent third-party auditors and covers the principles of Security, Availability, Confidentiality, and Privacy.
Our SaaS solutions are currently hosted in the FedRAMP (High) Authorized Azure Government Data Center. This data center follows the certifications and accreditations for FedRAMP (High) as well as the Department of Defense Impact Level 5.
Our cloud services are FedRAMP Authorized SaaS solution for use across all agencies. We received agency-sponsored authority to operate (ATO) in April 2021.
CSA Self Assessment (STAR Level 1)
AvePoint has completed the security self-assessments, based on the Cloud Controls Matrix, to evaluate and document our security controls.
Cybersecurity Tech Accord Member
AvePoint is one of more than 100 organizations that have signed the Cybersecurity Tech Accord pledging to help create a safer online world by fostering collaboration among global technology companies committed to protecting their customers and users and helping them defend against malicious threats.
Security Notices and Alerts
AvePoint Security Notice 07172017: View
AvePoint/SolarWinds Notification: View
AvePoint/Microsoft Exchange Server Notification: View
Vulnerability Reporting Policy
Learn how we address and respond to product vulnerabilities.
Learn how we protect the data we collect directly from you on the AvePoint website.
Privacy Shield Policy
Learn about our privacy practices with regards to the EU-U.S. and Swiss-U.S. Privacy Shield Principles.
Learn how we are committed to website and product accessibility.
Data Protection and Information Security Policy
Learn more about Data Protection and Security at AvePoint.
Privacy Notice to California Residents
Learn more about how we comply with the CCPA