Our Commitment to Security
At Kudosity, the security of your data is our top priority. We maintain the highest standards of information security, confidentiality, and integrity across our platform, backed by industry-leading practices, robust infrastructure, and compliance with globally recognised frameworks.
Our Security Certifications
Kudosity is certified to globally recognised security standards that validate the strength of our controls and demonstrate our focus on protecting your data.
ISO 27001
We are ISO 27001:2022 certified, meaning your data is protected by a robust information security management system aligned with global best practices.
View our ISO 27001 certificates →
SOC 2 Type II
Kudosity is independently audited against rigorous SOC 2 Type II standards, with strong controls in place to protect the security, availability, and confidentiality of your data.
Explore our SOC 2 reports →
CSA STAR Level 1
Our CSA STAR Level 1 status reinforces that we follow best-practice cloud security standards and reflects our commitment to transparency.
View our listing in the CSA STAR public registry →
24/7/365 Support
We provide round-the-clock support so you can get timely help whenever you need it. Our team is available 24/7/365 to assist with any issues, ensuring a swift response to urgent concerns.
Australian Data Sovereignty
Your data is securely stored in Australia and will never be shared with any third party, unless required for the delivery of our services or legal or regulatory obligations. You maintain full ownership of your data at all times.
Back-up and availability
We perform daily, continuous backups of customer data to support point-in-time recovery. All backups are encrypted and stored securely to ensure data resilience and availability in the event of unexpected issues.
Data Privacy
We're committed to privacy, and apply stringent privacy protections to all customers worldwide, regardless of their country of origin or location.
Kudosity complies with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth) and has aligned its platform and practices with GDPR principles to ensure strong, transparent data protection standards for all users.
View our Privacy Statement →
Encryption
All data is encrypted at rest and in transit. We use industry-standard encryption protocols to protect your information against unauthorised access and interception.
Secure Infrastructure
We use trusted infrastructure providers that are certified to ISO 27001 and SOC 2 standards, delivering enterprise-grade security, availability, and compliance.
Trusted Sub-Processors
We carefully assess vendors to ensure they comply with industry security and privacy standards and only work with third parties that meet our strict security requirements.
Explore our sub-processors →
Kudosity Trust Centre
For access to our security documentation, including certifications and audit reports,
please visit our Trust Centre, where you’ll find up-to-date information about our security practices, compliance status, and policies.
Contacting Us About Security
If you have a security-related concern or urgent issue, please contact our team by
submitting a ticket via our Helpdesk. This ensures that your concern is routed quickly to the appropriate team for investigation and resolution.
FAQ's
How is my data stored and protected?
Kudosity securely stores all customer data on servers located in Sydney, Australia. Our infrastructure complies with strict security standards, including ISO 27001 and SOC 2 Type II, ensuring data integrity and confidentiality.
We implement multiple security measures to protect your data, including:
Encryption: Data is encrypted at rest using AES-256 and in transit using TLS 1.2+ to prevent unauthorised access.
Access controls: Role-based access control (RBAC) and multi-factor authentication (MFA) ensure only authorised personnel can access systems.
Regular vulnerability assessments: We conduct regular vulnerability scans, annual penetration tests, and conduct ongoing monitoring to identify and mitigate risks.
Backups: We maintain encrypted, redundant backups to ensure data availability in case of failures.
Do you complete security questionnaires or assessments?
We recognise that many organisations have vendor risk management processes in place and value transparency in how we secure and manage our services.
To support due diligence, we provide detailed security documentation covering product security, infrastructure, data privacy, compliance, and more. We also offer pre-completed responses for standard vendor security questionnaires.
You can access these resources via our Trust Centre.
If your organisation has non-standard, bespoke requirements or custom security questionnaires, please note that we only offer this service for Enterprise customers. Please contact your Account Manager for more details.
Where can I find additional information?
For additional information about our security policies, procedures, and compliance, or to view our live service status, visit the following links.