Celigo Compliance Resources

As one of our top priorities, Celigo takes the security of our customers’ data very seriously. We work hard to keep your data secure, combat emerging threats, and implement innovations to make our security even better.

The following pages contain helpful information regarding Celigo’s security policies:

Why is data security critical for iPaaS?

As your integration platform, Celigo ties your SaaS applications together. Because these applications store critical information about your business processes, the Personally Identifiable Information (PII) of your customers, and financials, the security of your systems needs to be airtight. You owe your customers the promise that all of this data will be handled in a safe and secure manner, and never shared without their consent.

Our integration platform, Integrator.io, moves and processes sensitive information such as the personal information of your customers. Celigo secures the integration path end-to-end between your applications that persistently store data, as well as ensuring that the design and configuration of our infrastructure in AWS is tightly secured. On top of our commitments to making our product secure, we also perform due diligence on our service providers like AWS, Splunk, and MongoDB to ensure that they are also run securely. If you would like to verify the security of our infrastructure, please feel free to request a copy of our SOC 2 report.

The purpose of this page is to give our customers greater transparency about what we do to keep their data safe. As a testament to our emphasis on security, the following sections detail the ever growing and constantly updated list of regimens that Celigo is ready for.

Which regulatory or voluntary compliance regimens is Celigo ready for?

SOC 2 – Celigo completed SOC 2 audits: Type 2 reports are available upon request.

EU and UK GDPR – Celigo is GDPR ready: we rely on consent of the individual and one or more of the following legal mechanisms: Standard Contractual Clauses, the EU-U.S. Data Privacy Framework, the UK-U.S. Data Privacy Framework, the Swiss-U.S. Data Privacy Framework, and can execute a DPA for customers interested in EU, UK, and Swiss GDPR privacy.

FERPA (Family Educational Rights and Privacy Act of 1and transfer 974) – Celigo’s Integrator.io and related integrations are FERPA ready. We manage in-process data securely, so educational institutions and their suppliers can continue to rely on our products for their integrations.

HIPAA – We can execute Business Associate Agreements (BAA) as a Business Associate (BA), with Covered Entities (CE) and other BAs for integrator.io and related integrations.

California Consumer Privacy Act (CCPA) – Celigo is CCPA Ready. Please click here for more details.

New York: Stop Hacks and Improve Electronic Data Security Act (SHIELD ACT)



Virginia Consumer Data Protection Act (VCDPA)