SOC2 Compliant Forms
by MakeForms

MakeForms is SOC2 Type 2 compliant, ensuring rigorous data security,
processing integrity, confidentiality, and privacy controls for customer data.

About SOC 2 Compliance

SOC 2 compliance is a set of standards developed by the AICPA that focus on the controls and processes related to data protection. SOC 2 compliance is not just for enterprise customers, but for all the MakeForms users who value the security and protection of their data. MakeForms is SOC2 Type 2 compliant.

The Trust Principles of SOC 2 Compliance

The Trust Principles of SOC 2 Compliance cover five key areas: Security, Availability, Processing Integrity, Confidentiality, and Privacy. These principles provide a comprehensive framework for evaluating an organization’s controls and processes related to data protection.

Security

This principle focuses on protecting the system against unauthorized access, both physical and logical. This includes access controls, user authentication, network security, and protection against external and internal threats.

Availability

This principle focuses on ensuring that the system is available for use and that any interruptions are minimal. This includes redundancy, backup, and recovery procedures, as well as monitoring and alerting systems.

Processing Integrity

This principle focuses on ensuring that data is processed accurately, completely, and in a timely manner. This includes data validation and error checking, as well as monitoring and reporting of processing errors.

Confidentiality

This principle focuses on protecting confidential information from unauthorized access or disclosure. This includes the encryption of data at rest and in transit, as well as access controls and audit trails.

Privacy

This principle focuses on the collection, use, retention, and disposal of personal information. This includes policies and procedures related to consent, access, and disclosure, as well as compliance with applicable privacy laws and regulations.

MakeForms & SOC 2 Compliance

MakeForms is audited for SOC 2 Type 1 — a security standard built for SaaS platforms. This means our systems, processes, and infrastructure follow strict rules for how your data is stored, accessed, and protected.

SOC2 Type 1 Certified

MakeForms meets strict SOC 2 Type 1 standards. We’ve been reviewed by third-party auditors for how we handle data, access, and infrastructure — and we passed.

Trusted Infrastructure

Our EU and US application servers (hosted on OVH) and database provider (hosted on AWS) are SOC 2 compliant too. That means every layer of our stack is covered. Find a list of our sub processors here

Get the SOC 2 Report

Need our SOC2 Report? Send us an email to support@makeforms.io to request our SOC 2 Type 1 report. We’re open about how we secure your data — because you deserve to know.

SOC2 Compliance, Backed by Data Residency

MakeForms is the only form builder that lets you decide in which country your forms’ data is saved. MakeForms offers the following 6 data regions to choose from for all its users, along with an option for custom data regions for Enterprise customers:

  • United States (HIPAA Compliance)
  • European Union (GDPR Compliance)
  • Canada (PIPEDA Compliance)
  • United Arab Emirates
  • Israel
  • South Africa
  • India
  • Australia
  • Japan
  • United Kingdom
  • Brazil
  • Singapore
MakeForms is compliant with

With MakeForms, be assured that you are not just data residency compliant, but also compliant with the most stringent compliance frameworks.

CCPA

Align with California privacy rules for user data and storage policies.

HIPAA Compliance

MakeForms handles sensitive health data securely and meets US healthcare requirements.

GDPR EU Compliant

Follow EU data privacy rules with full control over where and how form data is stored.

PIPEDA Compliant

Store and process Canadian user data in line with national privacy laws.

Australia DPA

Meet Australia’s Privacy Act requirements with region-based data storage.

ISO 27001 : 2013

Follow international cloud security best practices for safer form data management.

GDPR UK Compliant

Follow UK data privacy rules with full control over where and how form data is stored.

Start Building
SOC2 Compliant Online Forms

Create powerful forms with logic, branching, alerts, and more.
No CC required. Just start building.