We are proud to announce that AfterShip, a leading post-purchase and shipment tracking platform for eCommerce businesses, has completed the SOC 2 Type 1 examination and is officially SOC 2 compliant.

What is SOC 2, and why does it matter?

SOC (System and Organization Controls) 2 is widely recognized as one of the tech industry's most important and rigorous compliance standards related to managing customer data. SOC 2 is developed by the American Institute of Certified Public Accountants (AICPA) and evaluates various criteria related to controls and processes. For instance, how a company manages customer data based on Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy. AfterShip’s SOC 2 Type 1 certification puts us at the forefront of enterprise data security with the likes of Shopify, Salesforce, and Magento.

Proving Continuous Adherence

“Expectations for information security, both from businesses and consumers, have never been higher. And that’s a good thing,” said Teddy Chan, CEO and co-founder of AfterShip. He further added, “For us, that means we must comply with the highest standards for information security. And now that we’ve been officially certified as SOC 2 Type 1 compliant, we are geared up for SOC 2 Type 2.”

As part of the attestation process, an independent auditor has verified the existence of AfterShip’s system description and the internal controls designed and implemented to meet the requirements based on selected Trust Services Criteria. The SOC 2 Type 1 attestation report covers AfterShip’s tracking, returns, and Automizely Marketing products.

By becoming SOC 2 compliant, AfterShip demonstrates to the market that it has made a serious commitment to compliance and that its internal processes and controls are suitable for managing customer data for enterprise clients working at the highest levels of information security.