Data Protection
and Security

FastDraft’s product infrastructure is hosted on Microsoft’s Azure cloud computing platform
in the United Kingdom. Built Intelligence’s products are hosted with cloud infrastructure providers with SOC 2 Type 2 and ISO 27001 certifications, among others. These certifications include dedicated security staff, strictly managed physical access control, and video surveillance.

Yes, we support regional data hosting to provide all our customers the flexibility to choose where their customer data is stored. Our enterprise customers on a dedicated instance have the option to store their data in a region of their choice.

Built Intelligence is committed to ensuring the availability of our systems. We use commercially reasonable efforts to meet a service uptime of 99.95% for our Subscription Service in a given calendar month.

While Built Intelligence backs up data on our servers for you, our Customer Success Team can guide you on how to export your content and data if you’d like to back it up on your own.

FastDraft enforces granular roles and permissions for users. Admin users can create and manage users of their portals and assign appropriate privileges. For more information about user roles within FastDraft, please see our knowledge base article or speak to our Customer Success Team.

Please refer to the Sub-Processors section in our Privacy Policy displayed in-app for details on third-party vendors that may have access to your data.

The Built Intelligence products allow users to log in to their Built Intelligence accounts using built-in Built Intelligence login or Single Sign-On (SSO). The built-in login enforces a uniform password policy which requires a minimum of 12 characters and a combination of lower and upper case letters, special characters, whitespace, and numbers. Instructions for setting up SSO are available in our knowledge base article. Single Sign-On login users can configure a password policy in their SSO provider. Please contact our customer success team for more information about enabling SSO.

Yes, our Infrastructure Partner Microsoft has a publicly available SOC 3 report attesting to our commitment to meeting rigorous industry standards established by the Trust Service Principles (TSPs) established by the American Institute of Certified Public Accountants (AICPA). You can download the SOC3 report here. Microsoft also has a confidential SOC 2 Type 2 report attesting to the controls we have in place governing the availability, confidentiality, and security of customer data as they map to the TSPs. We are proud of the excellence of our controls and invite you to download a copy of our SOC 2 Type 2 report if you are a customer or prospect here. Our Infrastructure Partner Microsoft has a publicly available CSA Star Certificate and  ISO27001, ISO27017, ISO27018, ISO27701, ISO2000-1 and ISO9001 Certificates certifying our commitment to meeting rigorous industry standards. You can download the SOC3 report here.

Yes, Built Intelligence has publicly available Cyber Essential, Cyber Essential Plus and ISO27001 Certificates demonstrating our commitment to meeting rigorous industry standards.

Yes, you are permitted to perform a penetration test on the Built Intelligence products. However, it's essential to adhere to our guidelines (available on request) and submit any findings to our development team. These guidelines are set so you can effectively test within the security controls we have in place. Our Acceptable Use Policy requires that if you perform a penetration test, you must do so in an authorised manner. Testing the app within the guidelines we set forth on is what constitutes authorised testing. We recommend using a different IP address for scanning than you use to login to your portal. This mitigates any risk that you may be unable to use your Built Intelligence portal due to blocks incurred by your tests. Please see speak to our customer success team before completing any testing