Security

We Honor Our Commitments

Vendavo is fully committed to providing highly-secure commercial excellence solutions for your enterprise.

Vendavo has been supplying enterprise software solutions to some of the largest enterprises in the world for nearly 20 years. As a leader in the digitalization of pricing and sales effectiveness solutions, we understand how important security, compliance, and privacy are today and will continue to be in the future. Vendavo uses a secure platform to ensure that the commercial excellence solutions we provide are truly excellent.

Security

Vendavo utilizes the top cloud providers in the world to run its software solutions for our clients. Vendavo develops and deploys solutions to best fit these top hosting services for secure and smooth functionality.

Vendavo use a secure SDLC (systems development life cycle). When building applications, Vendavo treats security as a requirement, and conducts regular static, dynamic, and penetration tests.

Vendavo’s cross functional security team holds industry standard security credentials and executes: Security Risk Management, Information Governance, Security Operations Center, Security Compliance

Certifications and Compliance

  • GDPR — Vendavo supports our customers in achieving GDPR compliance.
  • ISO 27001 — Vendavo maintains certification through annual audits.
  • SOC1 Type 2 — Vendavo conducts semi-annual audits to ensure controls over financial reporting.
  • SOC2 Type 2 — Vendavo conducts semi-annual audits to ensure control and management of customer data, including the following Trust Services Criteria:
    • Availability — Information and systems are available for operation and used to meet the entity’s objectives.
    • Process Integrity — With Vendavo, your business can trust the system to work the way it is supposed to work. Systems and controls are in place that the pricing coming out of the pricing solution are complete, valid, timely, accurate, and authorized to meet your objectives.
    • Security
    • Confidentiality — Your data is protected from unauthorized access
  • SOC3 – Vendavo commissions a full SOC1 Type 2 and SOC2 Type 2 examination semi-annually. The auditor’s reports on these examinations (also known as audits) are issued as soon as they’re ready after that audit. The SOC3 report, which is based on the SOC2 examination, is issued annually. Because SOC3 reports are general use reports, they may be freely distributed, and are included here for download. Customers who would like a copy of the Vendavo SOC1 and/or SOC2 reports, please contact your Customer Success Manager or Vendavo Support.
  • TISAX Level 2 – Vendavo has certified information security controls appropriate for the automotive industry
  • CSA Security, Trust & Assurance Registry (STAR) — Vendavo has published our completed CSA Consensus Assessments Initiative Questionnaire (CAIQ) self-assessment in the CSA STAR Registry to document best practice compliance.