Home|Security

Your security, our priority

Thousands of companies around the world benefit from the Nintex Process Platform. As part of our mission to provide the leading enterprise process management and automation capabilities to customers, Nintex is committed to maintaining the security and reliability of all its cloud-based capabilities.

Privacy and compliance

Nintex protects our customers’ personal information. Our Privacy Policy sets a high standard for how Nintex manages the personal details and other information that may be collected by Nintex’s various websites. Nintex offers a Data Protection Addendum to its customers upon request.

Nintex complies with applicable data protection and privacy laws. Nintex continues to self-certify its compliance with the U.S.- E.U. Safe Harbor Framework and the U.S. – Swiss Safe Harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from European Union member countries and Switzerland to provide additional assurances to its customers. For customers whose data transfers are subject to the GDPR, Nintex will enter into applicable agreements.

SOC 2 and SOC 3 reports

Nintex is committed to maintaining the security of our cloud-based capabilities. Our System and Organization Controls (SOC) 2 report provides assurances that there are controls in place that protect your data. Nintex has SOC 2 Type 2 and SOC 3 reports that support Nintex Automation Cloud, Nintex Process Manager, Nintex Drawloop DocGen®, Nintex K2 Cloud services, and Nintex eSign. To request a confidential copy of the Nintex SOC 2 Type 2 report, please email security@nintex.com.

Download the SOC3 reports:





SOC Report

ISO 27001:2013

ISO 27001:2013 is a well-known set of international standards relating to the secure management of information, particularly in a cloud-based environment. The Nintex K2 Cloud Platform has been independently verified to meet all ISO 27001:2013 standards for cloud security and information management.

FedRAMP

The U.S. government-wide Federal Risk and Authorization Management Program (FedRAMP) provides a standard approach for assessing, authorizing and continuously monitoring cloud-based products and services. Nintex Automation Cloud and Nintex Drawloop DocGen for Salesforce both have FedRAMP Moderate Authorization, allowing government agencies to realise the benefits of Nintex Drawloop DocGen for Salesforce.

For further information, please visit the FedRAMP Marketplace.

Nintex Platform security and organization processes

Nintex maintains high-level security across the Nintex Process Platform and the organization to protect customer data and content. More information on our policies governing security, availability, data management, privacy, and threat management is available in the Nintex Platform Security, Privacy and Organizational Overview (updated October 12, 2023).