Kustomer Keeps Client Data Safe, Secure and Private

Recently, Kustomer was referenced in the New York Times. In almost all circumstances that would be a good thing for a fast growing startup. But in this case, it was not. The New York Times article was not about how Kustomer is revolutionizing customer service. It was not about our commitment and singular mission of helping businesses treat their customers better, and our fast growth since 2015. It was about consumer value scores and our use of data. We felt this issue is such an important one that it required clarification.

Kustomer does not develop, generate or provide consumer value scores based on client data. Kustomer. Does. Not. Do. Consumer. Scoring. We don’t sell any personal data we come in contact with, use it for our internal business purposes, nor aggregate or share it across our clients.

As an enterprise SaaS software solution that powers the customer experience of today’s best brands across the globe, we take seriously the value of the data that may be placed in our hands by our clients. It is true, that in the course of using the Kustomer platform, our clients will necessarily store data of their customers. Our only role when it comes to that data is to help our clients deliver a standout service experience while keeping that data private and secure.

We know our clients take the data privacy and security practices of their vendors seriously. Various data privacy laws require it and their reputations depend on it. We are vetted regularly around the strength of our privacy and security controls.

To provide independent validation of our security practices and controls for safeguarding client data and to ensure that our clients meet their regulatory and compliance requirements, we have sought and achieved compliance for GDPR, HIPAA, SOC2 Type 1, and EU-US and Swiss-US Data Privacy Shield.

We have built robust logging, auditing, monitoring, and data encryption capabilities into the platform. We have also adopted industry best practices for security controls and processes throughout the many layers of the application environment and software development lifecycle. This has included strict endpoint management, extensive employee security awareness training, and comprehensive vulnerability management with regular 3rd-party penetration testing and code reviews.

Using third-party service providers and data processors is an essential part of any business’s operations, and data privacy laws for years have contemplated this reality. It’s disappointing that individuals were led to believe that Kustomer compiles information and creates some type of consumer value score or uses their personal data without consent. Instead, we are helping our clients perform an essential business function, which is to help them deliver exceptional customer service.

We honor the trust that customers place in our clients’ hands, and are committed to keeping those relationships strong, meaningful — and private.