Why Having SOC 2 Type II Compliance Matters in CX — Q&A With Expert

Gladly Team

4 minute read

When brands think about the important qualities they want in their CX solutions, data compliance – like SOC 2 Type II compliance – might not be at the top of their list. But keeping your customers’ information safe is crucial: not just to avoid a legal issue, but also to reinforce your commitment to quality.

In pursuing the highest standards of data security, Gladly recently achieved SOC 2 Type II certification, marking a new high point in our technical safety. To explain what this achievement means, we spoke with our own Patrick Hood, Security and Compliance Manager, about what makes data protection and careful data management so important for CX technology, and how Gladly exemplifies that ability.

What is SOC 2 Type II Certification?

Developed by the American Institute of CPAs, SOC 2 Type II is a widely recognized financial auditing standard awarded based on the security of an organization’s systems and data management.

Technology and cloud service providers that achieve this level of security use these reports to show customers their commitment to data security and privacy. Type II, also known as the Trust Services Criteria, focuses on the following categories:

Oversight of the organization
Vendor management programs
Internal corporate governance and risk management processes
Regulatory oversight

Understanding the Importance of Data Compliance in CX

When brands know their data — and that of their customers — is in good hands and that their organization is protected from a breach or loss, they can focus on the other essential elements of their business.

Below, Gladly’s Security and Compliance Manager, Patrick Hood, discusses the importance of data safety and how it works in the context of CX.

1. How does data compliance contribute to high-quality customer service and experiences?

PH: Data compliance gives the peace of mind that comes with knowing that your trusted partners are serious about not only your security, but your customers’ security as well. Your customers know that the brand they love also loves protecting their personal information. Data compliance is a badge of honor and you can worry less about security and focus on what really matters: the high-quality customer service your brand is known for.

2. Why is SOC 2 Type II such a big achievement for Gladly?

PH: SOC 2 Type II is an internationally accredited information security compliance certification that shows that Gladly goes above and beyond when it comes to protecting your data and your customers’ data. We can not only show that at any point in time, your data is secure, but we can show a track record of it always being secure at any point during the year. Gladly is proud to achieve accreditation in SOC 2 Type II, and will always continue to raise its standards of information security for the safety and security of its brands and customers.

3. What happens to brands that don’t work with data-compliant partners?

PH: At the end of the day, image and reputation as a brand is important. Customers are demanding more from their brands, especially in cybersecurity. Brands that do not work with data-compliant partners put their customers and the brand at risk. Data breaches are more prevalent than ever and the costs are skyrocketing. It’s not only about the safety of data but also about the safety of the business and the brand.

The Gladly Commitment to SOC 2

To maintain the status of our new SOC 2 Type II certification, Gladly will perform an annual audit each Q2 to renew this position and continue excellent security and compliance practices for years to come. Our customers can even access and review the status of our renewal via our Trust portal to see how we’ve achieved this compliance.

When choosing a CX partner, conduct the necessary audit of how they’ll take care of you — not just to serve your customers, but to protect your data. Be sure to select companies like Gladly that adhere to high standards of compliance so there’s no lapse in security at any point in the way you do business.

PRODUCT

See customer service that revolves around customers –– not tickets.

PRODUCT TOUR

Cookie	Duration	Description
_biz_flagsA	1 year	A Cloudflare cookie set to record users’ settings as well as for authentication and analytics.
_biz_pendingA	1 year	A Cloudflare cookie set to record users’ settings as well as for authentication and analytics.
_biz_sid	30 minutes	This cookie is set by Bizible, to store the user's session id.
_lfa	2 years	This cookie is set by the provider Leadfeeder to identify the IP address of devices visiting the website, in order to retarget multiple users routing from the same IP address.
ARRAffinity	session	ARRAffinity cookie is set by Azure app service, and allows the service to choose the right instance established by a user to deliver subsequent requests made by that user.
ARRAffinitySameSite	session	This cookie is set by Windows Azure cloud, and is used for load balancing to make sure the visitor page requests are routed to the same server in any browsing session.
AWSALBCORS	7 days	Amazon Web Services set this cookie for load balancing.
AWSELB	session	Associated with Amazon Web Services and created by Elastic Load Balancing, AWSELB cookie is used to manage sticky sessions across production servers.
BIGipServer*	session	Marketo sets this cookie to collect information about the user's online activity and build a profile about their interests to provide advertisements relevant to the user.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Advertisement" category.
cookielawinfo-checkbox-analytics	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Analytics" category.
cookielawinfo-checkbox-functional	1 year	The GDPR Cookie Consent plugin sets the cookie to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Necessary" category.
cookielawinfo-checkbox-others	1 year	Set by the GDPR Cookie Consent plugin, this cookie stores user consent for cookies in the category "Others".
cookielawinfo-checkbox-performance	1 year	Set by the GDPR Cookie Consent plugin, this cookie stores the user consent for cookies in the category "Performance".
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
JSESSIONID	session	The JSESSIONID cookie is used by New Relic to store a session identifier so that New Relic can monitor session counts for an application.
viewed_cookie_policy	1 year	The cookie is set by the GDPR Cookie Consent plugin to store whether or not the user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__debugmode__	session	No description
_an_uid	7 days	No description available.
_clck	1 year	No description
_clsk	1 day	No description
_g2_session_id	session	Description is currently not available.
_gaexp_rc	past	No description available.
_lfa_test_cookie_stored	past	No description
_sp_id.e982	2 years	No description
_sp_ses.e982	30 minutes	No description
6suuid	2 years	No description available.
adEdition	1 day	No description available.
adops_master_kvs	never	No description available.
akaas_TODAY	10 days	No description available.
AnalyticsSyncHistory	1 month	No description
BIGipServerab46web-nginx-app_https	session	No description
cf_clearance	1 year	Description is currently not available.
cto_bundle	1 year 24 days	No description available.
cto_writeable	1 hour	No description
debug	never	No description available.
deviceToken	7978 years	No description
dpi_test	1 day	No description
dpi_utmOrigVals	1 month	No description
events_distinct_id	session	Description is currently not available.
geoEdition	1 day	No description available.
glady_viewed_demo_popup	session	No description
glady_viewed_notification	1 year 4 months 13 days	No description
li_gc	2 years	No description
m	2 years	No description available.
muc_ads	2 years	No description
nbcnews_geolocation	session	No description
next-i18next	1 year	No description available.
SM	session	No description available.
visitorId	1 year	No description

Cookie	Duration	Description
_fbp	3 months	This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.
_mkto_trk	2 years	This cookie, provided by Marketo, has information (such as a unique user ID) that is used to track the user's site usage. The cookies set by Marketo are readable only by Marketo.
_opt_expid	past	Set by Google Analytics, this cookie is created when running a redirect experiment. It stores the experiment ID, the variant ID and the referrer to the page that is being redirected.
ANONCHK	10 minutes	The ANONCHK cookie, set by Bing, is used to store a user's session ID and also verify the clicks from ads on the Bing search engine. The cookie helps in reporting and personalization as well.
fr	3 months	Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin.
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
IMRID	1 year 24 days	The domain of this cookie is owned by Nielsen. The cookie is used for storing the start and end of the user session for nielsen statistics. It helps in consumer profiling for online advertising.
li_sugr	3 months	LinkedIn sets this cookie to collect user behaviour data to optimise the website and make advertisements on the website more relevant.
loc	1 year 1 month	AddThis sets this geolocation cookie to help understand the location of users who share the information.
MUID	1 year 24 days	Bing sets this cookie to recognize unique web browsers visiting Microsoft sites. This cookie is used for advertising, site analytics, and other operations.
personalization_id	2 years	Twitter sets this cookie to integrate and share features for social media and also store information about how the user uses the website, for tracking and targeting.
sp	1 year	This cookie is set by the host c.jabmo.app. This cookie is used to serve the content based on user interest and improve content creation.
TDID	1 year	TDID cookie is set by Cloudflare service to store a unique ID that identifies a returning user's device which is then used for targeted advertising.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.

Cookie	Duration	Description
_BUID	1 year	This cookie, set by Bizible, is a universal user id to identify the same user across multiple clients’ domains.
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gat_gtag_UA_57791012_1	1 minute	Set by Google to distinguish users.
_gcl_au	3 months	Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services.
_gd_session	4 hours	This cookie is used for collecting information on users visit to the website. It collects data such as total number of visits, average time spent on the website and the pages loaded.
_gd_svisitor	2 years	This cookie is set by the Google Analytics. This cookie is used for tracking the signup commissions via affiliate program.
_gd_visitor	2 years	This cookie is used for collecting information on the users visit such as number of visits, average time spent on the website and the pages loaded for displaying targeted ads.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
_parsely_session	30 minutes	This cookie is used to track the behavior of a user within the current session.
_sp_id.*	1 year 1 month 4 days	Snowplow sets this cookie to store user information that is created when a user first visits a site and is updated on subsequent visits.
_sp_ses.*	30 minutes	Snowplow sets this cookie to store user information that is created when a user first visits a site and is updated on subsequent visits.
_vwo_uuid_v2	1 year	This cookie is set by Visual Website Optimiser and calculates unique traffic on a website.
ajs_anonymous_id	never	This cookie is set by Segment to count the number of people who visit a certain site by tracking if they have visited before.
ajs_group_id	never	This cookie is set by Segment to track visitor usage and events within the website.
ajs_user_id	never	This cookie is set by Segment to help track visitor usage, events, target marketing, and also measure application performance and stability.
at-rand	never	AddThis sets this cookie to track page visits, sources of traffic and share counts.
browser_id	5 years	This cookie is used for identifying the visitor browser on re-visit to the website.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.
SSCVER	1 year 24 days	The domain of this cookie is owned by Nielsen. The cookie is used for online advertising by creating user profile based on their preferences.
UID	2 years	Scorecard Research sets this cookie for browser behaviour research.
uvc	1 year 1 month	Set by addthis.com to determine the usage of addthis.com service.
vuid	2 years	Vimeo installs this cookie to collect tracking information by setting a unique ID to embed videos to the website.

Cookie	Duration	Description
__cf_bm	30 minutes	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
_alid_	session	This cookie is set by the provider mielevod-vh.akamaihd.net. This cookie is used for making the live streaming of video content more efficient.
_biz_nA	1 year	This cookie, set by Bizible, is a sequence number that Bizible includes for all requests, for internal diagnostics purposes.
_biz_uid	1 year	This cookie is set by Bizible, to store user id on the current domain.
_vis_opt_test_cookie	session	Visual Website Optimizer creates this cookie to determine whether or not cookies are enabled on the user's browser.
bcookie	2 years	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
bscookie	2 years	LinkedIn sets this cookie to store performed actions on the website.
lang	session	LinkedIn sets this cookie to remember a user's language setting.
language	session	This cookie is used to store the language preference of the user.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
PBSECURESUSID	session	This cookie is set by the provider Podbean. This is a session cookie used to verify that the users are on secure sessions. It helps iin implementing audio files on the website.
UserMatchHistory	1 month	LinkedIn sets this cookie for LinkedIn Ads ID syncing.