SECURITY & PRIVACY

Setting the standard in security

We are serious about keeping your data safe. It’s one of the many reasons over 100+ partners trust EQL to launch their most in-demand products to their most passionate fans.

laptop illustration

More compliant than your bank

EQL undergoes independent third-party audits to certify our security, data privacy, and compliance controls.

SOC 2 Type 2

EQL maintains the gold standard of security, an annual SOC 2 Type 2 attestation. This framework informs how we protect customer data from unauthorized access, security incidents, and other vulnerabilities.

PCI Compliant

We are PCI DSS Level 1 compliant, meaning that we follow the Payment Card Industry Data Security Standard guidelines to keep our consumers’ payments safe. To learn more, you can visit EQL’s privacy policy.

Continuous monitoring you can trust

EQL continuously monitors uptime across a variety of measures, and our system status is always publicly available.

Continuous Monitoring

FAQ

Do you encrypt data at rest and in transit?

Yes. For data at rest, our database tables are fully encrypted (AES-256) using the database's built-in encryption features. For data in transit, our CloudFront distribution is configured to redirect HTTP to HTTPS, and only accepts HTTPS connections from viewers that support SNI, and enforces CloudFront’s recommended minimum SSL/TLS protocol (TLSv1.3). We do not store any data that requires data-in-use encryption. We never see or store credit cards. A third-party authentication provider handles authentication and passwords.

Where is Your data stored?

All the data is stored in AWS and Snowflake cloud platforms in AWS's Virginia region.

Do you perform periodic penetration tests and vulnerability scans?

We perform annual penetration tests. In the event of significant security changes, we perform ad-hoc tests. The report summary is available in our Trust Center.

Protect your launches 
from chaos with EQL