Security & privacy compliance

Last updated: 18 August 2022

Float is SOC2 certified and GDPR compliant.

Your data is protected.

We’re dedicated to keeping your data safe and secure through multiple layers of protection, starting with our world-class host, Google Cloud Platform, which runs on the same infrastructure that powers your late night Google searches and midday cat video cravings on YouTube.

Google Cloud standards, regulations, & certifications can be reviewed here.

  • Since launching Float in 2012, we've maintained a 99.5% uptime!
  • Our status page displays the current state of Float, including any outages or ongoing incidents, as well as a history of our system uptime.

Technology helps us keep your information secure.

  • We support AES 256-bit encryption and TLS 1.2 and one-way encrypt all passwords.
  • Account Owners can integrate Float with single-sign-on SAML SSO providers Okta and OneLogin. Teams can also select Google as their authentication provider from the signup and login pages.
  • We routinely perform vulnerability audits through an objective third-party, to help ensure that we stay one step ahead of the bad guys.
  • We are PCI compliant and don’t store credit card information. Your billing information is only accessible to the owner of your account.

We believe that privacy is a basic right.

Your data is yours—plain and simple. We will never sell your data to a third party. We will not provide access to your account to anyone without your express, written consent. The only time a member of the Float team will access your account is to help you solve a problem or to reproduce a software bug, and in all but the most extreme cases (picture the SaaS equivalent of a nuclear meltdown), we will always ask for your permission first.

This policy applies to the personal data of all of our users, regardless of who you are or where you’re located.

You can find our full privacy policy here.

You decide what information your users can access.

We've designed Float to make it easy to decide who has access to the different sections of your account. Check out the different permission levels available within Float here.

We're committed to SOC2 and GDPR compliance.

Float has been SOC2 certified since June 2021 after undergoing compliance documentation with Vanta auditors.

We’re dedicated to helping Float customers and users understand and comply with the General Data Protection Regulation (GDPR) that went into effect on May 25, 2018.

The implementation of GDPR has resulted in enhanced privacy rights for individuals and increased responsibilities for record keeping. Whether you're a business with EU clients or a European-based customer, we've got you covered.

We've spent the past few years increasing our customer data and privacy protections, including providing access to export your data whenever you need to.

Account Owners can also delete their customer data at any time during a subscription term by selecting “Delete Team” from the bottom of the Team Settings. We hard delete all information from your account upon initiating this request.

Want to know more?

Download a copy of the Float Security White Paper for a detailed breakdown of our security and privacy measures.

If you'd like access to our SOC2 compliance documentation or have a security matter you’d like to discuss regarding any of the policies laid out above, please reach out to us here or email support@float.com.