Discuss Security and Data Privacy
Keeping your data secure, private, and compliant is a top priority at Discuss. Our People Experience Platform not only helps you turn experience into insights but also delivers peace of mind with a secure and privacy-centric approach.
Delivering Industry-Leading Security Best Practices
ISO - 27001
Discuss has maintained the ISO 27001 certification since 2019. We continue to demonstrate our commitment to the highest level of trust and have shown our ability to comply with the most stringent international standards and reaffirm the importance of data and privacy protection.
GDPR
Our legal and information security teams have carefully analyzed the General Data Protection Regulation (GDPR) and have undertaken the necessary steps to ensure compliance. Discuss also offers processes to protect respondents' data from video blurring and audio distortion to personal data anonymization, and custom data retention rules.
CCPA
We are compliant with the California Consumer Privacy Act (CCPA), the most stringent data privacy law in the United States. Discuss does not sell your personal information or your end users’ personal information, and therefore do not offer an opt-out to the sale of personal information.
COPPA
Discuss is compliant with the Children's Online Privacy Protection Act of 1998, which prohibits unfair or deceptive acts with the collection, use, and/or disclosure of personal information from and about children on the Internet.
Take control of your data security
Access Control
Users are in control of who has access to their projects and project materials. We support team-level and project-level access with role-based access controlled by the project owner. Project owners also manage project privacy, allowing them to share insights with their larger organization or keep findings private to a core team.
Anonymization
Any project owner working in any country can choose to have their recordings blurred to prevent identification via a setting in their project’s Settings page. Once a video is blurred, it cannot be reversed. Voice modulation in recordings is also available to further protect respondent privacy.
Data Retention
In general, we store project data like video recordings, transcripts, highlight reels, stimuli, and reports, for a period of three years, or as directed by customer organizational administrators. Respondent data, including PII, is deleted automatically after six months to allow for tracking of repeat participations.
Single Sign On
We integrate with all single sign on (SSO) identity providers using the SAML 2.0 protocol to put account provisioning, de-provisioning, and password protection in the hands of clients.
Privacy Controls
Our meeting room is designed with privacy in mind. Role-based permissions, authentication requirements, a waiting room, and moderator controls prevent unauthorized access and inappropriate activity within the meeting room.
Platform Security and Management
Data Hosting & Encryption
To ensure the integrity and confidentiality, all data is encrypted in transit and at rest using HTTPS. Our application servers and data is hosted on Amazon Web Services and stored in Viginia, USA.
Data Breach Management
We have a protocol in place for how to keep your data safe and secure if something goes wrong.
Proactive Monitoring and Alerting
Our meeting room is designed with privacy in mind. Role-based permissions, authentication requirements, a waiting room, and moderator controls prevent unauthorized access and inappropriate activity within the meeting room.
Reliability and Backup
We use AWS automated backups and manual snapshots to prevent data loss before significant infrastructure change events.
Disaster Recovery
Our recovery plans identify the resources and specify actions required to help minimize losses in the event of service disruption.
Auditing
Annually, Discuss conducts an independent third-party review of its security policies, standards, operations, and procedures related to the Services provided to Customers
Related Resources
Ready to Get Started?
Talk with a product expert to learn how Discuss can help you reach your insights goals.