CoffeePals prioritizes Security,
SOC2 Type 1 Compliant

We understand that security is top of mind for you. We're committed to data security and privacy processes in order to ensure CoffeePals keeps any and all customer information secure and protected.

CoffeePals has passed its SOC2 Type 1 audit and is working to achieve its SOC2 Type 2 report in early 2023.

We've selected cloud vendors that are SOC2 Type I, Type II, ISO27001 and PCI-DSS compliant. We operate an information security and risk management program.

Teams Messages Access

CoffeePals has limited access to the messages within Microsoft Teams. This is a function of the security features that Microsoft implements within their bot SDK.

Physical and Network Security

CoffeePals is hosted on Heroku (owned by Salesforce) which employs strict security measures.

Application Security

CoffeePals is built with security in mind. These are some of our key practices in security.

Operational Security

These are some of our key operational security practices.

We can share more information about our practices and policies under NDA. To see which data we collect, read our Privacy Policy and Terms of Service. If you have specific enquiries, please email security@coffeepals.com.