At Sprinklr, security, compliance, and privacy are foundational to our customer and investor trust. We are fiercely dedicated to safeguarding information assets and continuously enhancing the security and privacy of our customers' data.
Request Demo
Security & Data Privacy
Explore Sprinklr’s certifications, assessments, and industry compliance status and dive deeper into the processes and features behind our platform and product security and privacy features. Discover how Sprinklr processes and safeguards information provided to us by our customers and get more details on our data transfer mechanisms, subprocessors, and find answers to frequently asked questions.
Safeguarding our customer information is of the utmost importance to Sprinklr. To demonstrate that commitment — and reduce customer exposure to risk — we’ve implemented the most comprehensive security standards, including web applications, optimized infrastructure, governance across all modern channels, network security, and more.
VISIT TRUST PORTAL
We offer a number of features and support industry-standard controls in order to help protect your brand. Security features include role-based access permissions, access controls, single sign-on, two-factor authentication, IP restricted access, and more.
Our platform is developed internally by Sprinklr employees who receive regular training on secure coding practices. When we create a product, our security team works closely with engineering to inject security throughout every step of the development process – and the job is never “finished.” Sprinklr follows the Open Web Application Security Project (OWASP) standard security controls and other industry-standard control systems for application security.
Sprinklr’s dedicated Detection & Response team is focused on threat detection engineering, vulnerability management, incident response and crisis communication management in order to support our customers in security incidents and beyond. Within scope are product operations, business system, and all corporate assets.
Sprinklr’s production environment is completely virtual, running in an Infrastructure-as-a-Service (IaaS) third-party cloud environment. We also leverage additional IaaS providers’ security controls. Sprinklr partners with AWS, Microsoft, and Google data centers in the United States and Europe for data hosting.
Sprinklr has implemented both reactive and proactive network security controls. We monitor network activity for anomalies 24/7 and respond to security events within minutes. Proactive controls such as firewalls, cloud security posture management, and network penetration tests ensure a very high degree of protection. All sensitive data is encrypted during transit.
At Sprinklr, we believe our employees are our first and strongest defense against cyber threats. Our employees are trained annually and regularly presented with security education and best practices in order to drive awareness, reduce risk and remain vigilant against potential threats. Annual tabletop exercises are also conducted to test our incident response plans.
Sprinklr utilizes a third-party Vulnerability Disclosure Program (VDP) for managing security vulnerabilities reported by the security community. For more information, please visit Sprinklr’s Vulnerability Disclosure Program
For more information and to request access to view compliance reports and more, visit and subscribe to the Sprinklr Trust Portal.
VISIT TRUST PORTALSprinklr has aligned configuration, policies, procedures, and processes in place, which are reviewed annually, to help our organization achieve business objectives, address uncertainty, and act with integrity.
VISIT TRUST PORTAL
Sprinklr is regularly audited by third-party assessments, evaluating internal controls that protect the security, confidentiality, integrity, availability, and privacy of the information entrusted to us by our customers. Sprinklr maintains SOC1 Type II, SOC2 Type II, PCI-DSS, and ISO 27001 certifications as well as FedRAMP authorization.
