SOC 2 Type II
Face2Face is actively pursuing SOC 2 Type II certification with a target completion of Q4 2025
Current Status
Face2Face is actively pursuing SOC 2 Type II certification with a target completion of Q4 2025. While not required for our current service model, we're proactively working toward certification to support enterprise customers and future product development.
Understanding SOC 2 Requirements
SOC 2 certification is designed for service providers that store, process, or transmit sensitive business data as part of their core operations. This includes:
- Customer databases and proprietary business information
- Financial, healthcare, or confidential enterprise data
- Core business infrastructure and critical operations
- Systems with deep integration into business processes
Examples: Salesforce (CRM), AWS (infrastructure), payroll systems, financial software
Face2Face's Current Service Model
Face2Face provides real-time customer connection technology for sales and marketing:
What We Do:
- Website widgets (Sparks) that enable instant video/audio conversations
- Secure communication between your sales team and website visitors
- Basic lead capture that forwards to your existing CRM
- Optional call recording for sales training and follow-up
Data We Process:
- Prospect contact information (name, email address)
- Call metadata (duration, connection details)
- Conversation content (when recording is enabled)
- Basic visitor analytics
This is equivalent to data collected through phone calls, contact forms, demo scheduling tools (Calendly), or live chat widgets (Intercom).
Why SOC 2 Isn't Required Today
Risk Assessment: Face2Face facilitates standard sales communications - the same interactions that happen via phone, email, or in-person meetings. We don't store sensitive business data, access core systems, or handle confidential enterprise information.
Industry Comparison: Sales and marketing tools typically don't require SOC 2 certification because they process standard prospect communication data, not sensitive business operations data.
Why We're Pursuing SOC 2 Certification
Enterprise Market Requirements
Many enterprise procurement teams require SOC 2 certification regardless of actual risk level. By pursuing certification, we eliminate this procurement barrier.
Future Product Development
We're building toward more advanced capabilities:
- Enhanced CRM integrations with deeper data synchronization
- Business process automation beyond standard sales conversations
- Advanced analytics and customer intelligence features
- Workflow integrations with business-critical systems
Competitive Positioning
SOC 2 certification demonstrates our commitment to enterprise-grade security and positions Face2Face for larger enterprise deals.
Current Security Measures
While working toward SOC 2, we maintain strong security practices:
- End-to-end encryption for all video and audio communications
- HTTPS/SSL encryption for all data transmission
- GDPR compliance with Data Processing Agreements available
- Privacy by design architecture with minimal data collection
- Secure integrations with CRM and communication platforms
- Regular security assessments and monitoring
Timeline and Roadmap
Q2-Q3 2025: Gap analysis, control implementation, internal audits Q4 2025: SOC 2 Type II audit completion and certification 2026+: Annual SOC 2 audits and continuous compliance
For Enterprise Customers
Current Implementation:
- Low risk profile for sales and marketing use cases
- Standard security measures appropriate for communication tools
- Documentation available including security architecture and data flow
SOC 2 Timeline Planning:
- Immediate needs: Proceed with current security measures and interim assessments
- SOC 2 requirement: Plan for Q4 2025 implementation or later
- Contractual options: Include SOC 2 timeline commitments in agreements
Questions and Support
Compliance Team: compliance@face2face.io
- Security documentation and architecture reviews
- Data Processing Agreements and privacy assessments
- SOC 2 timeline and interim compliance measures
Sales Engineering: Available for technical discussions about security implementation and integration planning
Last updated on June 11, 2025