Access real-time information on system performance and security
We built an entirely new automation platform, starting with trust.
We take data security very seriously. We provide a multi-step, multi-level security system with complete transparency so you not only feel safe, you can see how safe your data is, anytime.
System Status
Get full transparency with a real-time and historical performance view of all technical components of the Tray Platform. You can even subscribe to updates.
Security
We take maximum precaution, so your data remains safe. Businesses trust Tray.io to safeguard their data and processes.
Encryption
We encrypt all our data, authentication and tokens. Learn more
Network security
All communications between your browser and Tray.io’s website are encrypted via HTTPS.
Log data retention
The Tray Platform offers flexible log data retention policies designed to fit your requirements.
Data residency options
Data stored and processed in isolated US, EU or APAC regions.
Session management
Monitor sessions by IP address, location, time, browser and operating system and revoke access to prevent unauthorized access to your Tray Platform account.
Two-factor authentication
Add a second layer of security to protect fraudulent access to your Tray Platform account. Learn more
Password prompting
Any major account action will prompt a user to re-enter her password.
Behavior modeling
To detect unusual or suspicious activity on a user's account we use technology to build intelligent models of user behavior.
Compliance
Tray.io strives to gain and retain the trust of our customers. Providing a comprehensive compliance program with certifications and attestations is integral to this mission.
SOC 2 Type 2
Tray.io is SOC 2 Type 2 certified, which means that the design and operating effectiveness of our security controls are always under audit. Tray.io engages in annual SOC 2 audits that are conducted by an independent, third-party auditing firm. See our Security Policies for more information.
General Data Protection Regulation (GDPR)
Tray.io employs privacy and information security controls to meet the requirements of data protection regulations like the GDPR and offers data residency options in the US, EU and APAC. See our Data Protection Commitment for more information.
HIPAA compliant
Tray.io is fully compliant with HIPAA regulations in handling ePHI (electronic protected health information). We employ data minimization practices to ensure full data security. We've passed an independent, third-party HIPAA audit and are happy to sign BAAs (business associate agreements) as needed.
CCPA Compliant
Tray.io is compliant with California Consumer Privacy Act (CCPA) regulations, which went into effect January 1st, 2020. CCPA applies to California residents and is enforceable for any company with revenues larger than $25 million and has more than 50,000 people or devices in their database. Please contact us to have an in-depth conversation about Tray.io’s approach to CCPA and Trust.
Penetration testing
The Tray Platform undergoes regular penetration testing by independent third parties to ensure that our platform is secure. See our Security Policies for more information.
Privacy
Click here to read Tray.io’s privacy policy.
Resilience
Because our customers depend on the Tray Platform for mission-critical workflow, we invest in ensuring high availability of our systems.
On-call policy
We have an around-the-clock support network of engineers who work very hard to keep the Tray Platform running all of the time. We have an on-call policy for our engineers to be available just in case.
Data backup
The Tray Platform has built-in automatic back-ups.
Infrastructure backup
All Tray Platform infrastructure is replicated and backed up.
Workflow backup
The Tray Platform stores snapshots of our customers’ business logic so we can revert them if necessary.
