Compliance & Certifications
Treno has achieved a SOC 2 Type II attestation from a certified auditor with no exceptions in the final report. We work with an AICPA certified audit firm to evaluate our information security program and controls on an annual basis and continuously monitor those controls using the Treno platform. A copy of our auditor’s report and current compliance monitoring report is available upon request.
Treno has established a comprehensive GDPR compliance program and is committed to partnering with its customers and vendors on GDPR compliance efforts. Some significant steps Treno has taken to align its practices are included in our Data Processing Addendum, which is available upon request.
Additionally, with respect to CCPA, Treno does not sell its customers’ or users’ personal information. Where a business subject to the CCPA has entered into a services or subscription agreement with Treno, Treno will also act as a service provider to that business. Specifically, Treno will process such customers’ personal information only for the purposes set forth in the applicable agreement, and will cooperate with customers to fulfill deletion or access requests.