Get comprehensive data protection capabilities from a solution with security built into its core with Medallia.
The experience you provide your customers never stops, and neither do we. As the market leader in Customer and Employee Experience Management, we are trusted by the world’s most revered companies to handle their data. We know how critical data security is to our customers—many of whom operate in highly regulated industries like finance, healthcare, and telecom—and we maintain industry-leading practices to protect that data.
You can be rest assured knowing that the confidentiality, integrity, and availability of your data is protected according to rigorous industry standards. We possess SOC 2 Type II platform compliance, GDPR/SCCs, CCPA, and HIPAA in addition to HITRUST, ISO 27001, 27017, 27018, and 27701. We are also certified for CBPR and PRP.
Medallia maintains up-to-date processes and controls with regular audits by internal and external parties, including clients and independent assessors.
Your data is protected with Medallia’s secure software development process for applications, including design reviews, threat modeling, risk assessment, and security touchpoints at every phase of development.
Our Engineering and Product Security teams conduct extensive development and post-development testing to be certain our applications are secure so you can focus on making experiences great.
Medallia Experience Cloud provides you with complete control over your data. Keep Personal Identifiable Information (PII) secure with configurable PII settings, including granular role-based access, data masking, Bring Your Own Key (BYOK) field level data encryption, and IP allowlisting.
Medallia Experience Cloud operates as a private cloud where we own and maintain our own hardware in Tier III colocation facilities, including all network devices and systems.
Medallia Experience Cloud uses modern cloud native technology such as containerization and microservices that provide clients with a single tenant architecture. This ensures segregation of customer data, preventing commingling of data, configuration flexibility, and eliminates the risk of performance impact from a multi-tenant architecture. Plus, benefit from seamlessly rolled out upgrades, new releases, and security patches that don’t disrupt your unique configurations.
To report an incident, concern, or for general security questions, please email [email protected].
Blog
Whether you need to comply with GDPR, CCPA, or other similar privacy laws, Medallia Experience Cloud has you covered with enterprise-grade controls.
Blog
Medallia does not sell your personal information or your end users’ personal information. See Medallia’s Privacy Policy for more.
