Trust

Trust Us With Your Privacy and Security

Privacy, security and data protection are core to our culture of respect, responsibility and earned trust.

Our Commitment

Directly was designed and built on a foundation of privacy and security. From our inception, we’ve made technology, policy and business decisions that strengthen privacy and security and reduce risk for our customers.
At Directly, all data is protected by a rigorous set of enterprise-level controls, policies, and practices to protect privacy and security.

Our Data Principles

A Core Principle & Differentiator:
Data Ownership, Minimization & Restricted Use

Independently Verified Compliance,
Controls and Assessments

One of the priorities of our privacy and security practices is to ensure that use of your data is transparent, safe, and respectful. Directly’s Compliance Team performs regular assessments to ensure risks are appropriately mitigated and controls are designed and operating properly.
We use SOC 2, Type 2 Controls for Service Organizations for organizational oversight, vendor management programs, internal corporate governance, risk management, and regulatory oversight. These controls provide assurance of the security, availability, confidentiality, and privacy of the data processed by our systems. We undergo periodic audits to receive updated SOC 2 Type II reports. These reports are available upon request and under NDA.
We implement European Union (EU) model clauses, known as Standard Contractual Clauses (SCC), for the safe transfer of personal data from the EU to the United States.
We comply with specific customer requirements and assessments, such as Microsoft’s Supplier Security & Privacy Assurance Standards (SSPA).

Leading Edge Security Policies & Protocols.
Directly is relentless on security.

Trusted by Leading Brands