TRust, Compliance, and Legal

Enterprise grade trust and security for every customer

At Vanilla, security, trust, and data protection are as vital to our business as they are to yours. 

We built Vanilla to be secure enough for world’s largest banks. We’ve democratized it so every Vanilla customer benefits. Vanilla uses best practices and industry standards designed to keep data safe, which in turn helps our customers meet their own compliance requirements.

Vanilla’s cybersecurity strategy prioritizes detection, analysis and response to known, anticipated or unexpected cyber threats, effective management of cyber risks, and resilience against cyber incidents. Vanilla’s platform employs enterprise-grade security features combined with comprehensive reviews of our applications, systems, and networks. We’re continuously working to protect your data.

If you have additional questions, please contact us at legal@justvanilla.com.

Trust Center

Vanilla undergoes an annual SOC 2 Type II audit for the AICPA Trust Service criteria security, availability, and confidentiality. A SOC 2 Type II audit is an independent assessment of an organization’s controls and information systems conducted by a Certified Public Accounting firm. Vanilla has earned clean reports since it commenced its SOC 2 audits in 2022. An independent third party also conducts a penetration test at least annually, and Vanilla remediates vulnerabilities or findings in accordance with its cybersecurity policies. 

Our Trust Center is available via Safebase on-demand. 

Legal

Vanilla’s agreements and policies provide our customers transparency and detailed information about our services, which support our customers in meeting their own legal and compliance standards.

For Vanilla Platform customers:

 

For consumers: