Secure data, secure access
Customer trust and data security are critical to everything we do. Keep your data in your hands and exercise full control over user access and permissions.
Trusted by teams at
Trusted by teams at
SOC 2 Type 2 compliant
Your data stays secure, available, and confidential. To see our report, .
If you’re in the EU, your data is only processed on EU data centers.
Healthcare companies like ThirtyMadison, Chapter Health, and Headway trust Hightouch.
To see our DPA (Data Processing Addendum), .
Your data in your warehouse
Novel hybrid architecture
Hightouch never stores any of your data. We believe you should maintain control and take advantage of your existing architecture. Here’s how your data passes through Hightouch:
- Hightouch runs queries directly on your warehouse.
- You can choose to store all customer data temporarily in your cloud.
- Hightouch transfers data to your destination without ever storing it.
Hightouch also supports AWS PrivateLink for Snowflake in certain regions.
Control access on your own terms
Enterprise-ready on day one
Hightouch provides the control and governance capabilities you need to safely plug Reverse ETL into your tech stack.
SSO: Manage user authentication centrally with SAML SSO and keep access grants up-to-date with support for SCIM.
Role-based access: Leverage fine-grained permissions and custom roles to control who has access to specific workspace resources (models, destinations, and syncs).
Team labels: Share models and syncs with specific user groups and control permissions on those resources.
Audit logs: Track, monitor, and search all in-app user activity. Export reports and alerts to your preferred tools.
Approval flows: Require users to receive in-app approval before pushing changes into production. Rollback unintended changes immediately through Git.
We follow industry security standards
Our platform architecture and industry compliance certifications mean that your data is always secure.
- We complete regular security-design reviews, pen tests using trusted security vendors, and conduct regular audits such as SOC 2 Type 2.
- We encrypt all data at rest and protect it in transit with TLS. Hightouch’s metadata database is encrypted by Amazon AWS using standard AES-256 encryption algorithms.
- We limit internal access to tools and resources using time-based access.