Shield image containing Assembled logo.

Enterprise-ready security and practices.

Independently audited and tested. Trusted by industry leaders.
Badge indicating SOC-2 Compliance.

SOC 2® Type II

Assembled partners with one of the largest independent auditing firms in the country, The Cadence Group. They have confirmed that Assembled meets the requirements set forth in TSP section 100, 2017 Trust Services Criteria for Security, Availability, Processing Integrity and Confidentiality.

Badge indicating A+ grade from SSL Labs.

SSL Labs Rating A+

The Secure Sockets Layer (SSL) is a standard for encrypted network communication. An A+ server rating means that our protocol support, key exchange and cipher strength are operating at a high level.

Badge indicating GDPR compliance.

GDPR Compliant

The General Data Protection Regulation (GDPR) is a privacy regulation in the European Union (EU), which calls for increased data privacy for individuals.

At Assembled, we view security and compliance as more than just a box-ticking exercise. We've built with best practices in mind since day one.

Security at Assembled

Image indicating encryption.


Assembled encrypts data at rest using the industry standard AES-256 and data in transit using SSL/TLS.

Image indicating data access.

Data Access

Access to customer data is limited to authorized employees who require it for their job, and data access is logged and audited.

Image indicating penetration testing.

Penetration Tests

Assembled engages industry-leading firms to perform annual tests, using a mix of dynamic fault injection and in-depth study of source code.

Image indicating incident response.

Incident response

Assembled rapidly investigates and responds to all reported security issues. Issues can be reported via

Image indicating employee training.

Employee Training

All employees complete an annual security training and employ best practices when handling customer data.

Image indicating secure development practices.

Secure Development

Assembled utilizes a variety of manual and automatic data security and vulnerability checks throughout the software development lifecycle.

Have security questions?

Contact our security team