Skip to main content
Log inGet a demo

Unparalleled data security and access controls

Customer trust and data security are critical to everything we do. Keep your data in your hands and safeguard your sensitive information with full control over user access and permissions.

Get started
Hero image.

The world’s most innovative companies choose Hightouch as their Composable CDP

Spotify.
Warner Music Group.
PetSmart.
WeightWatchers.
Ramp.
Calendly.
GitLab.
Grammarly.
Spotify.
Aritzia.
Warner Music Group.
PetSmart.
Tripadvisor.
GameStop.
Cars.com.
WeightWatchers.
Iterable.
Ramp.
Plaid.
Calendly.
GitLab.
Malwarebytes.
Greenhouse.
Grammarly.

Hightouch doesn’t store your data

Composable CDPs are more secure because no duplicate storage is required. Instead, we simply read from your data warehouse, where it stays safe and sound.

Abstract illustration of data flowing from top-to-bottom between three rows. The first row is labeled Data Warehouse with logos for Snowflake, Databricks, and Google BigQuery. The second row is labeled cloud bucket. The third is labeled destinations with logos for Facebook, HubSpot, and TikTok.
Your data in your warehouse

Novel hybrid architecture

Hightouch never stores any of your data. We believe you should maintain control and take advantage of your existing architecture. Here’s how your data passes through Hightouch:

  • Hightouch runs queries directly on your warehouse.
  • You can choose to store all customer data temporarily in your cloud.
  • Hightouch transfers data to your destination without ever storing it.

  • Hightouch also supports AWS PrivateLink for Snowflake in certain regions.

See our product architecture
Abstract illustration representing the secure relationship between enterprise teams like Data, Marketing, and Operations teams with Hightouch resources like Audiences, Models, and Syncs.
Control access on your own terms

Enterprise-ready on day one

Hightouch provides the control and governance capabilities you need to safely plug Reverse ETL into your tech stack.

  • SSO: Manage user authentication centrally with SAML SSO and keep access grants up-to-date with support for SCIM.

  • Role-based access: Leverage fine-grained permissions and custom roles to control who has access to specific workspace resources (models, destinations, and syncs).

  • Row-level access: Grant users access to data based on geography, business unit, or any other parameter.

  • Row-level sync controls: Control which data can be synced to each of your destinations, to ensure data only travels to approved tools.

  • Audit logs: Track, monitor, and search all in-app user activity. Export reports and alerts to your preferred tools.

  • Approval flows: Require users to receive in-app approval before pushing changes into production. Rollback unintended changes immediately through Git.

See our governance features
Abstract illustration highlighting SOC 2 Type 2, AES-256, HIPAA, and GDPR security standards.
We follow industry security standards

Product security

Our platform architecture and industry compliance certifications mean that your data is always secure.

  • We complete regular security-design reviews, pen tests using trusted security vendors, and conduct regular audits such as SOC 2 Type 2.
  • We encrypt all data at rest and protect it in transit with TLS. Hightouch’s metadata database is encrypted by Amazon AWS using standard AES-256 encryption algorithms.
  • We limit internal access to tools and resources using time-based access.
Learn about data security