PolstPolst
Get Started
Security & Trust

Security at Every Layer

When organizations use Polst as their sentiment layer, they trust us with audience data that informs real decisions. That trust is earned through transparency, rigorous engineering, and security practices that meet the highest enterprise standards.

If the data is not trustworthy, the decisions it informs are not either. Security and integrity are not features at Polst -- they are the foundation.

Platform Security

Encryption

  • TLS 1.3 encryption for all data in transit
  • AES-256 encryption for all data at rest
  • End-to-end encryption for Enterprise API feeds
  • Secure key management with automated rotation

Infrastructure

  • Hosted on SOC 2 Type II certified cloud infrastructure
  • Multi-region availability with automated failover
  • DDoS protection and rate limiting at the edge
  • Continuous infrastructure monitoring with real-time alerts

Access Control

  • Role-based access control (RBAC) for all accounts
  • Single Sign-On (SSO) via SAML 2.0 and OIDC for Enterprise
  • Multi-factor authentication (MFA) support
  • Audit logs for all administrative actions

Trust Scoring

  • Algorithmic detection of bot activity and duplicate responses
  • Behavioral analysis to identify coordinated manipulation
  • Geographic and device plausibility checks
  • Transparent trust scores visible in analytics dashboards

Data Governance

  • Data residency controls for Enterprise customers
  • Configurable data retention policies
  • Full data export capability at any time
  • GDPR, CCPA, and UK GDPR compliance frameworks

Compliance & Auditing

  • SOC 2 Type II readiness with annual third-party audits
  • Penetration testing performed quarterly by independent firms
  • Responsible disclosure program for security researchers
  • Incident response plan with defined SLAs for Enterprise

Trust Principles

Respondent Privacy by Default

We never collect personally identifiable information from respondents. Participation is voluntary, anonymous, and transparent. Respondents see aggregated results as a fair exchange for their attention.

Creator Transparency

Question creators always know how their data is stored, who can access it, and how trust scores are calculated. There are no black boxes in the Polst platform.

Enterprise Isolation

Enterprise private questions and internal sentiment programs are fully isolated from the public Polst network. Your data never crosses into shared indexes or public-facing features.

No Silent Data Use

Polst will never use your data in ways we have not disclosed. If we introduce new data uses, we communicate them clearly and give you control before they take effect.

Polst

Security questions? We have answers.

Our team is available to walk through security documentation, compliance requirements, and custom enterprise configurations.

Talk to Our Security Team

Ask the World.