Data Security FAQs

How do we keep your data safe?

All data is encrypted in transit and at rest using AWS recommended protocols and AWS’s Key Management Service. 

All data is backed up, using highly resilient solutions and following best practices to ensure the most stringent of customers’ requirements are met.

Where is your data stored?

Customers can choose between data storage in North Virginia (AWS’s US-EAST-1 region) or Frankfurt (AWS’s EU-CENTRAL-1) location.

Where is data processed?

Exports data is processed regionally, and all analytics data is processed inside of Europe.

What are our security credentials?

Gravity Sketch is ISO 27001 certified, and we undergo annual third-party audits as well as greybox pen tests and monthly DAST scans. We have rigorous controls, policies and processes in place and some of the largest brands in the world trust us with their data.

What security controls do we offer?

User Management - We offer user management controls granted to specific administrators within an organization. Those admin level users will be able to 1) Add and remove users from an organization 2) Deactivate user accounts 3) Delete user accounts and 4) Change user role types

2FA and SSO - We offer 2FA to all users and SSO to all enterprise users. In terms of Enterprise SSO, we support both Google and Microsoft. If you need a different SSO provider,er please reach out to either your Customer Support Manager or to support@gravitysketch.com

Data Deletion - Individual users can reach out to support@gravitysketch.com for data deletion. For enterprise accounts their data will be deleted dependent on terms outlined in their contract. Please note, if there are free users in your organization who are using individual accounts, their data will not be deleted at the termination of the contract.