At Jesty CRM, compliance, trust, and data security are at the core of how we operate. We follow globally recognized standards, implement strict legal frameworks, and provide full transparency to our clients to ensure data is always safe and responsibly managed.

---

1. Certifications & Audited Standards

We maintain industry-recognized certifications and regularly undergo third-party audits to validate our security controls:

• SOC 2 Type I & II Certified: Ensuring the highest standards for security, availability, and confidentiality.
• HIPAA Compliant: For clients in the healthcare sector, we meet requirements for handling Protected Health Information (PHI).
• Commitment to Security: Security, compliance, and reliability are non-negotiable foundations of Jesty CRM.

2. Regulatory Readiness & Legal Agreements

Jesty CRM is prepared to support compliance across global and regional data protection laws. We provide the necessary legal agreements and infrastructure safeguards to ensure compliance is built in:

• GDPR & CCPA Ready: Supporting EU, UK, and US state data protection regulations.
• Business Associate Agreement (BAA) Available for HIPAA-covered clients.
• Data Processing Agreement (DPA): Provided to meet GDPR obligations.
• Infrastructure Compliance: Our infrastructure partners (such as AWS) are fully GDPR-compliant and support our clients’ regulatory needs.

3. Transparency & Verification

We believe trust comes from visibility. Clients and partners can verify our commitments through:

• Compliance Trust Center: Access to our compliance certificates and key policies.
• Reviewed Policies & Procedures: Ongoing staff training, internal audits, and updates to security policies ensure continuous effectiveness.

4. Disclosures & Legal Obligations

We respect confidentiality and only disclose data under strict legal conditions:

• Disclosure Policy: Personal data is only shared with regulators or law enforcement when legally required or permitted.
• Data Retention: Data is retained only as long as necessary for the purpose collected or as mandated by law.

5. Virtual Number Compliance (Our Extra Safeguard)

To prevent misuse and ensure accountability, all virtual numbers provided by Jesty CRM are registered in the client’s name. This guarantees lawful usage and transparency and protects our clients from regulatory risk.

6. Compliance Contact & Support

We make compliance support simple and accessible:

• Dedicated Compliance Team: For DPA, or compliance inquiries, contact us directly at help@jestycrm.com
• Information Security Officer: Available upon request for detailed compliance discussions.

With these measures, Jesty CRM gives businesses peace of mind that compliance, security, and trust are always built into the platform.