Security & Compliance Measures
Data Privacy
Storydoc does not collect personally identifiable information (PII) from your customers or audiences. Only essential PII of users in your organization is collected, and it is handled in compliance with GDPR and CCPA regulations.
Payment Security
Payments are processed through Paddle, a certified payment processor. Storydoc does not store any payment details directly.
Regulatory Compliance
Storydoc operates under a Data Processing Agreement (DPA) to ensure GDPR and CCPA compliance. You can export user data at any time and request permanent deletion (“right to be forgotten”).
Infrastructure & Access Control
Single Sign-On (SSO) available through Okta and Azure
Penetration testing performed regularly
Vendors are SOC II and ISO certified
Multi-factor authentication enabled for additional security
Access to customer content is strictly controlled and requires explicit approval
Content Confidentiality
All content added to Storydoc remains confidential. Access is managed through an internal control system, ensuring only authorized personnel can view or handle it when required.
Accessibility Compliance
Storydoc templates meet AA Web Accessibility standards by default, helping you meet compliance requirements while making your content accessible to all audiences.