Privacy Shieldlogo

At Fond, protecting our customers’ data is our highest priority, and we believe our customers have the right to know when and how we use their data. Fond takes a holistic approach to data security and privacy by handling data in compliance with standards standards including the General Data Protection Act (GDPR), California Consumer Privacy Act (CCPA), Privacy Shield, and SOC 2.



The General Data Protection Regulation (GDPR) is a European Union (E.U.)-based privacy law that took effect on May 25, 2018 governing the ownership of data and data subjects (users). The California Consumer Privacy Act (CCPA), effective January 1, 2020 is a California bill that enhances privacy rights and consumer protections for residents of California.

GDPR establishes guidelines for a data subject’s rights to correct their data, remove their data, receive a copy of data acquired by companies, and have visibility into how their data is used.

The California Consumer Privacy Act (CCPA), effective January 1, 2020 is a California bill that enhances privacy rights and consumer protections for residents of California.

CCPA establishes guidelines for a consumer’s rights to control the use, deletion, access and portability of their private information (PI).

As part of its holistic approach to Data Security and Privacy, Fond has performed a comprehensive evaluation of GDPR and CCPA requirements and enhanced our privacy and security practices to ensure compliance, including:

  • Employee training on security and privacy practices
  • Providing data transfer methods to customers
  • Performing privacy impact assessments
  • Maintaining records of processing activities
  • Providing mechanisms to efficiently handle data subject requests
  • Updating our Privacy Policy

Fond continues to monitor GDPR and CCPA to ensure that our programs remain in compliance.

Privacy Shieldlogo

Privacy Shield

Fond has also certified to the U.S. Department of Commerce’s Privacy Shield Framework, which is a self-assessment of how data is handled when transferred between countries. Our comprehensive privacy policy ensures your data is encrypted and secure. The Privacy Shield framework allows personal data transfers between the E.U. and the U.S.

Key principles emphasized in Privacy Shield:

  • Clear safeguards and transparency obligations on U.S. government access
  • Strong obligations for companies handling data
  • Effective protection of individual data rights, including redress options for E.U. citizens
  • An annual joint-review by the European Commission and the U.S. Department of Commerce


The American Institute of Certified Public Accountants (AICPA) Service Organization Controls (SOC) reports give assurance over control environments as they relate to the retrieval, storage, processing, and transfer of data. These reports cover IT General controls and controls around availability, confidentiality, and security of customer data.

Fond’s operations, policies, and procedures are audited regularly to ensure Fond meets and exceeds all standards expected of service providers. Fond operates in compliance with SOC 2 to ensure your data is protected, available, and secure. The SOC 2 audit, conducted by Schellman and Company, validates Fond’s physical and environmental safeguards for production data centers, backup and recovery procedures, software development processes, and logical
security controls.

Fond’s SOC 2 report is available on request.


Want to get in touch? Call us at 1-415-969-6576 or fill out the form below to request a demo.
We’re available by phone M-F from 9am - 5pm PST.


By submitting this form, you are agreeing to our Terms of Service and Privacy Policy.