Candex is committed to protecting your data privacy and securing your information. We collect limited personal data (and no special categories of personal information), only as needed to provide our master vendor services. Our privacy procedures are designed to comply with applicable data privacy laws, including the European General Data Protection Regulation (GDPR). Our information security program is designed to ensure the security of all data processed by the entirety of the Candex Platform and its components, across the organization’s systems, subcontractors, and the Candex staff. We maintain an organization-wide information security program that consists of our ISO27001 information security policies and procedures, as well as other industry standard security programs and methods such as the AWS Well Architected program, CIS , and OWASP.

This commitment is also expressed by us attaining SOC2 Type II.

For more information, please visit our Trust Center