Thunderhead Compliance

The processes and systems necessary to develop, operate, and maintain Thunderhead are designed to comply with globally recognized best practices and regulations for data security and privacy.

Privacy Shield

Thunderhead complies with the U.S.-EU and Swiss-U.S. Privacy Shield framework, as set forth by the U.S. Department of Commerce, regarding the collection, use, and retention of personal information from European Union member countries and Switzerland.

Learn more

 

Privacy Shield

GDPR Compliant

Thunderhead is committed to the privacy of your data and providing services that enable compliance with GDPR. Read our FAQs to find out more.

ISO 27001 Certified

Thunderhead is committed to information security and maintains certification to ISO 27001 the International Standard for Information Security Management. This covers requirements for information security management systems, providing a systematic approach to managing sensitive company information so that it remains secure. It includes people, processes and IT systems by applying a risk management process. 

Learn more

 

ISO27001 Certified

SOC-2

As a Service Organization Control (SOC) 2 Type 1 certified company, Thunderhead’s operations are independently audited against the attestation standards established by the American Institute of Certified Public Accountants (AICPA). The SOC 2 report provides assurance that we have suitable and effective controls for managing customer data and complies with the SOC 2 trust principles for Security, Confidentially, and Availability.

AICPA - SOC