Skip to content

Your data is safe with us.

We take security seriously — not as a checkbox, but as a core part of how we build. Encryption in transit and at rest, regular audits, and compliance certifications that enterprise teams require.

SOC 2 Type II

Audited annually for security, availability, and confidentiality controls.

SOC 3

Public report confirming our SOC 2 controls.

HIPAA

Business associate compliant for healthcare customers.

GDPR

Full compliance with EU data protection regulations.

CPRA

Compliant service provider under California privacy law.

Google Audited

Verified by Google for OAuth and API security standards.

ISO 27001/27017/27018

Via AWS and MongoDB infrastructure partners.

PCI DSS Level 1

Payment card industry data security standard.

How we handle your data

Encryption: Data is encrypted in transit using TLS and at rest using AES-256.

Infrastructure: Hosted on AWS virtual private cloud with failover and backup instances.

Database: MongoDB with industry-standard security configurations.

Access: Calendar and contact data accessed via OAuth — not stored long-term.

Bug bounty: We maintain a vulnerability reporting program at security@mixmax.com.

Enterprise-grade security. Startup-speed setup.

Start free. SOC 2 certified. HIPAA compliant.