• /
  • Business Units
    • AdRoll
    • RollWorks
  • Careers
    • Culture
    • Search Jobs
  • About
  • Blog
/ Careers Culture Search Jobs About Blog

SECURITY TRUST CENTER

At NextRoll, we take technical, administrative and organizational security measures to protect your data and provide you transparency into our process.

Customer Data Protection
learn more
Compliance
learn more
Certification
learn more
Controls
learn more
Resources
learn more
+ expand menu - collapse menu
  • Customer Data Protection
    • Customer Data & Use
      • Data Use Across Customers
    • Pixel
    • Data Location & Data Center Security
    • Data Retention
    • Application Security
      • Bugcrowd
      • SDLC
        • Goals and Boundaries
    • SFDC
    • Data Exchange
    • Vulnerability Management
    • Encryption
  • Regulatory Compliance
    • SOC 2 Type 2
    • PCI SAQ-A
    • Cyber Insurance
  • Certification
    • SOC 2
  • Administrative Controls
    • Monitoring and Service Availability
      • Incident and Breach Response
      • Disaster Recovery
      • Business Continuity Planning
      • Data Classification
      • Audit Logs
    • Permissions & Logging
      • Authentication
      • Authorization
      • Access Control
    • SSO & MFA
    • In-House IT
    • DPA
    • Personnel Security
    • Questionnaires
    • Training
  • Resources
    • System Status
    • Contact & Portal
    • Blog
    • Topics
      • SDLC
    • White Papers

Customer Data Protection

Customer Data & Use

Data Use Across Customers

See our Privacy Policy

Pixel

See our Privacy Policy

Data Retention

See our Privacy Policy

Application Security

External Testing

We regularly crowdsource vetted researchers to look into our platform and report bugs or vulnerabilities. You can also contact us directly via email at security@nextroll.com or our support channel with information about a vulnerability.

Data Exchange

See our Privacy Policy

Regulatory Compliance

PCI-SAQ-A

NextRoll is PCI SAQ-A certified and our third-party payment processors are also PCI certified. NextRoll never possesses payment credentials.

Cyber Insurance

We can provide amounts and certificates, if required for customers and partners with an NDA.

Certification

SOC 2

NextRoll completed its initial SOC 2 [Type 2] audit in August of 2020, and will continue to certify annually. A copy of this report will be provided, upon request, to existing and potential customers under NDA. Please contact an account manager or sales representative for this request.

Administrative Controls

Monitoring and Service Availability

Incident and Breach Response

In the event of a breach, NextRoll will send out a breach notification within the time prescribed by applicable law. We use scanning software to log and document the breach. We would also conduct post mortems and record steps taken to mitigate or remediate the breach. We would assist and cooperate with: the customer to investigate and mitigate the breach; supervisory or law enforcement; and provide additional notifications as required by data subjects.

SSO & MFA

Currently, we do not have SSO for our product. However, this is in progress and will be implemented in the near future. MFA is supported for the web app through SMS or software based authenticator.

In-House IT

NextRoll IT currently uses a Single-Sign-On (SSO) that enforces certain minimum requirements. Access to SaaS applications is also supported by OAuth 2 and TOTP. Local laptops enforce various minimum requirements for passwords through a laptop management solution.

Physical Security

NextRoll employs appropriate physical controls at our facilities. All visitors are required to be registered ahead of time and must check-in at the front desk. All offices use security swipe cards for access, CCTV systems are also in use.

DPA

See our Privacy Policy

Training

The Information Security Team at NextRoll strives to engage the broader company with several different levels of training. From high-level orientation to specific guidance on best practices. The goal is to empower all areas of the business with greater security knowledge.

  • home
  • about
  • Business units
  • careers
  • culture
  • contact
  • News
  • NextRoll Engineering
  • iab Member
  • NAI Member
  • Tag Today
  • NextRoll logo
    • AdRoll logo
    • RollWorks logo
    • Careers
    • Trust Center
    • Terms of Service
    • Website Terms of Use
    • Privacy Notice
    • Infringement Policy
    • Employment Data Policy
    • Ad Opt Out
    • CCPA Notice at Collection
    • AdChoices

    Your Privacy Choices

    © 2006- NextRoll, Inc. All rights reserved.

    Do Not Sell or Share My Personal Information