In Store Operations and Communications Platform, Retail Zipline, Achieves SOC 2 Type II Certification and Completes CSA STAR Level 1 Self-Assessment

Retail Zipline, the leading communication and execution platform for retailers, has been awarded a SOC 2 Type II certification and has completed the CSA STAR Level 1 Self-Assessment. Both compliance programs require significant documentation, implementation and testing of security controls, proving Retail Zipline’s ability to keep its clients’ sensitive data secure.

SOC 2 examinations are administered by an independent CPA firm to ensure all findings are entirely objective. To verify the operational excellence of Retail Zipline’s security controls, an auditor analyzed the effectiveness of Retail Zipline’s controls relating to security, confidentiality, integrity, availability and privacy from 1st July to 31st October 2019. 

In addition to the SOC 2 Type II certification, Retail Zipline has aligned its security program with best practices advised by the Cloud Security Alliance, completing a self-assessment questionnaire which is made publicly available on the CSA website. 
 
“Retail Zipline has been built with security as a top priority from the beginning,” said Matthew Fieldhouse, Director of Security and Compliance at Retail Zipline. “Jeremy Baker, our CTO, had done a great job of putting secure software development practices in place before I joined the company. Aligning our organization with the SOC 2 criteria and Cloud Security Alliance program has improved our security program even further, and provides our customers with assurance that we are following the latest standards and best practices.”

“After completing the audit, we were pleased to hear from our auditor that the maturity of our security program is at a level usually seen in much bigger organizations that have been around for a long time,” said Matthew Fieldhouse. “Our auditor did not find any exceptions, validating all of our security controls, policies and procedures are designed and operating effectively.” 

In addition to implementing these two important compliance programs, Retail Zipline has recently had a third-party penetration test completed by Cobalt. The company will be working towards ISO 27001 certification throughout 2020. In tandem, the company plans to further develop their HackerOne bug bounty program, to incentivize independent security experts to test the application. 

To learn more about Retail Zipline, visit: https://www.retailzipline.com/

About Retail Zipline:
Retail Zipline is the leading communication and execution platform for retailers. Built with the complexities of retail in mind, Retail Zipline helps HQ streamline and coordinate communications with the field, in a way that makes store teams happier and more productive. The company’s goal is to improve the lives of one million retail employees by 2025, and the platform is already used by leading brands such as Lush Cosmetics, BevMo!, Cole Haan, The Lego Group, TOMS, Torrid, Lumber Liquidators, and others. Retail Zipline is a 100% distributed company with employees across North America and Europe. They are backed by leading venture capitalists including Emergence, Serena Ventures, and Hillsven Capital. To learn more, please visit retailzipline.com. 

Contact Information

Kayla Abbassi

VSC for Retail Zipline

VSC

Zipline@vsc.co