Our Commitment
Running AEO at scale means Goodie handles your analytics, content, and competitive intelligence. That comes with real responsibility. Our security program is independently audited and maps to the controls enterprise procurement teams expect.
Compliance & Certifications
Goodie maintains SOC 2 Type I and Type II attestations, independently audited against the AICPA Trust Services Criteria. Type II confirms our controls don’t just exist on paper — they operate effectively over time.
Current and prospective customers can request our SOC 2 report, security documentation, and answers to common security questions through our Trust Center.
Access security documentation →
Infrastructure & Data Security
- Encryption everywhere. Data is encrypted in transit (TLS) and at rest (AES-256) across all systems.
- Trusted cloud infrastructure. Goodie runs on enterprise cloud infrastructure that is itself SOC 2 attested, with built-in redundancy and resilience.
- Continuous monitoring. Our environment is monitored continuously for threats, vulnerabilities, and configuration drift, with automated alerting on anomalies.
- Data isolation. Customer workspaces are logically separated to keep your data yours.
Application & Access Security
- Enterprise SSO. Sign in through your identity provider with SAML-based single sign-on.
- SCIM provisioning. Automate user onboarding and offboarding through directory sync.
- Role-based access control. Granular permissions ensure people see only what they should.
- Least-privilege internally. Goodie staff access is restricted, logged, and reviewed on a regular basis.
Privacy & Data Handling
- You own your data. We process your data to deliver the service — never to train third-party models or sell to anyone.
- Defined retention and deletion. Clear policies govern how long data is kept and how it’s removed on request.
- Vetted sub-processors. Every third party in our stack is reviewed and held to security standards consistent with our own.
Reporting a Vulnerability
We welcome reports from the security community. If you’ve found a potential vulnerability, contact us at security@higoodie.com and our team will respond promptly.
Have Questions?
Our Trust Center has the latest on our security posture, certifications, and documentation. For anything else, our team is here to help.