Bloomreach, the platform fueling limitless e-commerce personalization, today announced the successful completion of its System and Organization Controls 2 Type II audit (SOC 2 Type II) for 2024. This recertification verifies internal security controls and validates their effectiveness over a one-year period. As a part of Bloomreach’s commitment to ensuring the company delivers the highest standard of security for its customers, the company renewed the accreditation covering its trust service principles: Security, Availability, and Confidentiality.

Passing the audit means Bloomreach has met the rigorous standards set by the American Institute of Certified Public Accountants (AICPA), and confirms that customer data is being properly managed, controlled, and secured. The extensive company-wide surveillance audit included a review of the company’s quality management systems and documentation, information security posture and controls, operations, governance, risk, and compliance activities.

In addition to our SOC 2 Type II attestation, Bloomreach maintains several ISO Certifications including:

• ISO 27001:2013 Information Security Management Systems
• ISO 27017:2015 Information Security Controls applicable to the use of cloud services (ISO 27002)
• ISO 27018:2015 Protection of PII in Public Clouds acting as a PII Processor
• ISO 22301:2019 Business Continuity Management Processes
• GDPR Certification

"At Bloomreach, we prioritize our customers' protection and success through our adherence to SOC 2 Type II compliance and ISO accreditation," stated Aviv Raff, Chief Information Security Officer at Bloomreach. "This renewal underscores our unwavering commitment to maintaining the rigorous standards we've established, ensuring ongoing support for our customers' evolving needs."