Security & Compliance

Adelante Trust Portal

We prioritize the security and privacy of your data. Our comprehensive security measures ensure your information is protected at all times.

Our Security Principles

HIPAA Compliance

Our solutions are fully HIPAA compliant, ensuring that all protected health information is secured according to regulatory requirements.

GDPR Compliance

We adhere to GDPR principles, providing transparency and control over personal data for all EU citizens.

Data Encryption

All data is encrypted both in transit and at rest using industry-standard encryption protocols.

Regular Audits

We perform regular security audits and vulnerability assessments to maintain the highest security standards.

Secure Infrastructure

Our infrastructure is hosted in SOC 2 compliant data centers with multiple security layers.

Zero Data Retention

We do not store any of your end-customers'/employees personal data. Our system does not retain any customer-specific information.

Security Measures

Data Processing & Privacy

  • All data in transit is encrypted using TLS 1.2+
  • Credentials and API keys are securely stored using secure secret management services
  • Zero Data Retention: Personal Data is not stored after processing
  • Temporary logs are ephemeral and do not contain Personal Data

Infrastructure Security

  • AWS-hosted infrastructure; no on-prem servers
  • Alerting on key security events (IAM changes, errors, traffic spikes)

Access Control

  • Role-Based Access Control (RBAC) based on least-privilege principle
  • Access to systems processing Personal Data is restricted to authorized personnel only
  • Routine access reviews to ensure ongoing security compliance
  • MFA enforced on all production systems
  • Strong password policy with complexity required, rotation ≤180 days

Vendor Management

  • Sub-processor list published and kept up to date
  • DPAs in place with all vendors
  • Vendors must provide SOC 2 Type II / ISO 27001 or equivalent
  • Annual reassessment of vendor security

Company Security

  • Laptops encrypted (BitLocker), EDR enabled, screen-lock enforced
  • Office access controlled with alarm & sprinkler systems
  • Annual external penetration test
  • Information Security Policy, Code of Conduct, Data Deletion Policy (reviewed annually)
  • Comprehensive security training program upon hire and annually
  • Secure email gateway to filter suspicious emails

Legal

Our DPA is available here and we have appointed a Data Protection Officer ("DPO"). For privacy related questions, please contact tamir@getadelante.com.

We have a cyber insurance plan that provides coverage for security incidents.

Privacy Policy Terms of Use NDA

Compliance & Certifications

HIPAA Compliant
Standard BAA
GDPR Compliant
Standard DPA
ISO 27001 Certified
Audit Confirmation
SOC 2 Type II Certified
Audit Confirmation

Our Commitment to You

At Adelante, we understand that trust is earned through consistent action and transparency. We're committed to maintaining the highest standards of security and data protection, so you can focus on delivering exceptional customer experiences.

Get Started