Security & Compliance

Our primary objective at SageData is to secure your data and business information. We enable you to load, manage and analyze your data in a secure way by centralizing it into your data warehouse.


Data policies

  • Within its production environment, SageData is monitoring your systems, applications, data access logs, and data flows for anomalies.
  • Employee awareness of their role in keeping data safe is crucial. We at SageData are educating your employees, by introducing to policies and standards that protect your data.
  • SageData will make sure to instantly notify customers in case of a data breach. Furthermore, we always keep our documents about policies and procedures  for handling security breaches and incidents up to date
  • Accessing data and login credentials are strictly controlled. Within our environment, we require credentials and access points to be encrypted using industry-standard methods both at rest and in transit.


  • Third-party security entities are auditing SageData’s application and the environment by completing specialized pressure and penetration tests.
  • Fully automated internal breach and vulnerability scans are conducted on regular basis. In addition, SageData is installing security updates and patches when needed
  • All SageData’s servers are hosted in Amazon Web Services. This is providing assurances for our physical and virtualized computing environments including SOC 1, 2, and 3, and ISO/IEC 27001 at all times.
  • SageData is running on Amazon Virtual Private Cloud (VPC). To restrict network access we configure firewalls and segregate subnets by security level within VPC.


  • All communication within our app is transferred in an encrypted way. SageData uses HSTS to ensure browsers encrypt all communication with SageData.
  • SageData keeps your data long enough to make sure that the moving and loading into your destinations is successfully finished.
  • Whenever errors and anomalies are encountered, SageData sends notifications to users. For clean auditing, we provide direct access to logs from data source integrations.
  • In order to restrict access and transfer data safely, SageData’s integrations are requiring minimum permission, allowing read access and are configurable by users for simple replications of data subsets.
  • HTTPS s exclusively used for web-based data sources. Connections to all data sources and destinations can be safely achieved via SSH tunneling, SSL/TLS, and IP whitelisting.


SOC 2 SageData SecuritySOC 2

Independent third parties have been auditing SageData gainst SOC 2 security, availability, and confidentiality principles.

Documentation is available upon request: Contact us

SageData System Health CheckA HIPAA-compliant ETL service

Is your data consisting of Protected Health Information (PHI)? This information is subject to Health Insurance Portability and Accountability Act (HIPAA) regulations.  SageData is there for you and  has you covered.
At SageData we made sure that HIPAA compliance as a business associate is ensured by working with attorneys, security consultants, and health care policy experts. If you want to use SageData with PHI and other HIPAA-regulated data, you must sign a Business Associate Agreement (BAA).

Contact us now to get started!

SageData GDPR and Privacy Policy

EU Data Privacy and GDPR

SageData is fully compliant with the European Union’s Global Data Protection Regulation (GDPR).

The Terms of Use of SageData include a Data Processing Addendum (DPA). It discloses standard contractual clauses set forth by the European Commission. In this way we establish a legal basis for cross-border data transfers from the EU. In our Privacy Policy we also include specific GDPR requirements.

Was this helpful?