Jiminny protects your data whilst giving your teams easy access whenever they want. Here’s how we do it.
SOC 2 Type II
Jiminny is proud to maintain active SOC 2 Type II compliance. Our implementation of controls is audited annually by the renowned audit firm, A-LIGN. This comprehensive, globally recognized attestation validates our commitment to critical security standards to protect and secure client data.
Laws and regulations
Jiminny is compliant with various data protection laws and regulations applicable to the services we provide.
GDPR
Jiminny is compliant with the General Data Protection Regulation (GDPR) which went into effect on May 25, 2018. Jiminny has worked to enhance its products, processes, and procedures to meet its obligations as a data processor.
The Platform also provides features to help customers remain compliant, including pre-meeting recording consent management and audio notifications.
CCPA
Jiminny maintains compliance with CCPA and does not sell or share personal information. Please see our Privacy Notice for more information.
HIPAA
Jiminny is fully HIPAA-compliant, ensuring the highest standards of security and privacy for protecting your sensitive healthcare data.
Key security features - Product security
SSO
SAML2 Single Sign-on (SSO) allows you to authenticate users in your own systems (identity providers) without requiring them to enter additional login credentials. If you’re using Google or Microsoft Office based authentication, you can additionally turn on 2-factor authentication (2FA).
Roles & Permissions
We allow granular permission levels within the Platform to be set for your teams. Role based permissions can be set to include recording settings, app configuration, user management, visibility of conversations or the ability to download conversations.
Uptime
Jiminny has an uptime of 99.9% or higher. You can check our uptime history at status.jiminny.com.
Platform & network
Disaster Recovery
Jiminny was built with DR in mind, with all infrastructure and data spread across 3 AWS Availability Zones in each region.
Should one zone fail, service will continue to operate as normal.
Backups & Monitoring
Our Platform has audit events and logging, tracking actions taken across the application and network.
AWS Backup provides regular snapshots of all services and data stores. Recovery is tested annually.
Virtual Private Cloud
Jiminny customers are logically separated in our multi-tenant VPC to optimize utilization of resources.
Network access control lists (ACLs) provide a secure perimeter preventing unauthorized requests to the network.
Data Hosting & Storage
Jiminny services and data are hosted in Amazon Web Services (AWS) facilities in the USA (us-east-2) and Ireland (eu-west-1).
Customers can choose which of these regions to host their instance.
Pentests & Vulnerability
Jiminny uses third-party auditors to perform annual penetration testing of the platform and APIs.
Our team regularly monitors threats detected from SAST and DAST scanning tools continuously monitoring our Platform, containers and codebase.
Data Encryption by Default
By default, Jiminny encrypts data at rest and in-transit for all customers.
We use enterprise-grade 256-bit AES technology to safely encrypt and decrypt all data transferred to and from the Jiminny platform.
Additional Safeguards
Training
All employees complete Security and Awareness training annually.
Confidentiality
All employee contracts include a confidentiality agreement.
Background checks
Where applicable by law, Jiminny performs background screenings on personnel prior to joining the organization.
.png?width=200&height=200&name=image%20(3).png)
.png?width=113&name=users-love-us%20(3).png)