(Internal) Is Gem SOC2 compliant?

Yes, Gem is SOC 2 Type 2 compliant. Our audit period runs from March 1 through Feb 28/29 of the following year, with a new auditors report generally available on April 15th that covers the observed controls during the proceeding year (current version attached here). If your customer also asks for a bridge letter to cover the period from when the audit report was released through to the current date, please post in #sales-success-legal.

For prospects, we will need an NDA in place before the report can be shared with them. Please ask in #sales-success-legal for help if you’re unsure on how to send an NDA.

For existing customers, there are confidentiality provisions in their MSA so we don’t need them to sign an NDA.