We Understand That Security Is Important
Spiro was built with security in mind, using industry best practices to meet the security and compliance requirements of our customers.
OAuth App Authentication
We use OAuth2 to authorize SaaS services and do not store usernames or passwords for those services.
Secure Cloud Hosting
We are hosted on AWS, which provides robust physical data center security and environmental controls.
SOC2 Type I Audited
Spiro has passed its SOC2 Type I audit, which evaluates our security systems and practices
ITAR Certified Cloud Hosting
For organizations subject to ITAR compliance, we have an ITAR certified hosting option available.
You own your data and are in full control. We will never delete without giving you time to export it.
We allow you to turn privacy on and off to meet the needs of your employees and customers.
We enable encryption of sensitive data both at rest and in transit over public networks.
We only use customer data to provide the service, and will never mine your data.
We regularly back up your data and provide a maximum 24-hour RTO and RPO.