Security Program

We maintain a high bar for privacy and security. Your game's IP represents your creativity and craft, and we take our responsibility to keep it safe very seriously. We have integrated best-in-class security practices, use the best tools to track and enforce compliance, and are independently verified.

01

Information Security Program


Compliance

Bezi is SOC 2 Type 2 certified. All customers have access to our certification. To receive a copy of the report, please email security@bezi.com.

Our payment processor, Stripe is a certified Level 1 Service Provider. Bezi never has access to sensitive payment details.

SOC 2 Type 2

Legal

Terms of Service

Privacy Policy

Subprocessors

02

Internal Security Measures


Personnel security

Bezi completes background checks on all employees.

Identity and access management

Employees have unique logins and passwords for all business-related systems, which live in top-tier password vaults (i.e. 1password). We enforce two-factor authentication wherever possible.

Hardware security

All employee laptops are managed, have encrypted hard drives and are monitored with antivirus software.

Security education

As part of our security commitment, we require every employee to participate in ongoing security training throughout the year. Every new employee has Security training as a part of their onboarding to ensure Bezi remains closed to potential threats.

03

Bezi Application Security


Security features

By hosting Bezi platforms on AWS, we have access to the benefits provided to their customers such as physical security, redundancy, scalability and key management.

In addition to the benefits provided by AWS, we've invested in building additional security features. Capabilities vary based on subscription tier.

  • Single Sign-On

  • Role based permissions

  • Two-factor authentication

IP security

We prioritize security of game IP in Bezi. For more information on how IP is handled, see Security product documentation.

Customer data and privacy

Bezi stores the following customer identifiable data in our cloud:

Customer data

  • Names (as provided by the user)

  • Usernames

  • Email addresses

  • Company (for Enterprise customers only)

Payments data (stored and processed by Stripe)

  • Billing email addresses

  • Payment history and invoices

  • Billing addresses

Aggregated non-identifiable analytics data

  • Location (city, country, pulled from IP addresses when using Bezi)

Encryption

All application and customer data is encrypted in flight and at rest.

Third-party subprocessors

Bezi uses third-party service providers to assist with data processing, analytics, and customer engagement activities.

We conduct intense due diligence reviews as part of our service provider evaluation to ensure your data stays secure. The data each Subprocessor has access to is restricted to only what is necessary to perform their service.

Infrastructure availability

Our backend infrastructure is hosted in AWS and is fully monitored to detect any downtime.

SLAs are available through a Master Service Agreement.

Status Page and Incidents

Bezi's Status Page shows real-time incident reporting and historical uptime records from the past 90 days.

Responsible disclosure

If you believe you have discovered a vulnerability within Bezi’s application, please submit a report to security@bezi.com.

If you believe your account has been compromised or you are seeing suspicious activity on your account please report it to security@bezi.com.

If you are Enterprise customer, please reach out to your dedicated Bezi contact as soon as possible.

04

Best Practices


Best practices

  • Never share credentials for your account.

  • Use Multi-Factor Authentication or Single Sign-On to access your Bezi account

05

Contact


Contact us

Feel free to email us with any questions regarding our security program at security@bezi.com.

For Enterprise customers, please reach out to your dedicated Bezi contact to get more information.