Private and Secure by Design

We’re committed to earning and maintaining Partner and Customer trust by focusing on six key principles:

Shield Icon

Privacy

We respect your privacy and handle data with integrity. We don’t sell data.

Working person icon

Control

We give you ownership and put you in control of your personal information.

Social media email and chat icons

Transparency

We are transparent about data collection and use so you can make informed decisions.

Computer server icons

Security

We protect the data you entrust to us with strong, industry-leading security.

Home icon

Legal Compliance

We respect your local privacy laws and regulation.

Thumbs up icon

Benefits to You

When we do collect data, we use it to benefit you and improve your experiences.

We Respect Privacy

Person using touch screen on wall
The collection of certain data is essential to the function of automation and IT communication—its collection and use is what makes homes and businesses “smart.” The secure storage and appropriate use of that data are of the utmost importance to Snap One (NASDAQ: SNPO). Our commitment to privacy and data security is reflected across all our solutions and brands.

We respect your right to privacy and believe your data should be handled with integrity and confidence. We’re dedicated to strict and proactive standards for data privacy, because we believe trust must be earned. Snap One continuously evaluates and adjusts our security and privacy practices to ensure your data is protected and used appropriately.

See Our Full Privacy Policy →

Customer Information and Rights

Data is used to provide core functions of our solutions, troubleshoot with systems or accounts, send notifications and relevant technical communications, and improve the functionality of our products.

Snap One does not sell or rent personal information to third-party companies. Some customer information may be shared with business partners in order to:
  • Process credit card payments
  • Ship and deliver products
  • Fulfill orders
  • Manage or host customer data
  • Assess satisfaction and interest in our products and services
Our business partners are obligated to adhere to the same principles and agreements defined in our privacy policy, and Snap One requires these partners to provide assurance of adequate data protection.
Two people discussing about something on a laptopClose up of people working on tablet and laptop
Customers have the right, depending on jurisdiction and applicable laws, to:
  • Be provided with a copy of their personal information held by us.
  • Request the correction or deletion of their personal information held by us.
  • Request that their personal information be transferred to a third party.
  • Withdraw consent for the collection of personal data.
Advice and information on how to make the above requests can be found in our privacy policy.
Flax colored square shapeTurquoise colored square shape

We Protect Data

Snap One engineers and security personnel are proactive in safeguarding customer data. We build products following industry standards and secure methods. We use a variety of methods to continuously improve the security of our customers and partners.
  • We are armed with an array of security tools that protect and monitor for threats 24/7.
  • We stay in close alignment with law enforcement and monitor automation and smart home threat vectors.
  • We regularly update the security of customer, dealer, and organization systems through patches, configuration changes, and notifications to dealers.
  • We continually collaborate internally on a daily basis to keep products, apps, websites, and services safe for all customers and dealers.
Two people talking in a meeting room

Our Layered Security Approach

Visual eye icon

Data Center & Network Security

Facilities - Snap One servers are hosted at Tier IV or III+, SSAE-16, PCI DSS, or ISO 27001 compliant facilities. Data center facilities are powered by redundant power, each with UPS and backup generators.

On-site Security - Our data center facilities feature a secured perimeter with multi-level security zones, CCTV video surveillance, physical locks, and security breach alarms.

Monitoring - Production network systems, networked devices, and circuits are continuously monitored and logically administered by staff. Physical security, power, and internet connectivity for cloud-provided services are proactively managed and monitored by the managed services providers. On a routine basis, we evaluate cloud provider compliance and SOC compliance audits.

Shield and lock icon

Network Security

Dedicated Security Team - Our Security Team is on call 24/7 to respond to security alerts and events

Protection - Our network is protected by redundant firewalls, secure HTTPS transport over public networks, regular audits, and network Intrusion Detection and/or Prevention technologies (IDS/IPS), which monitor and/or block malicious traffic and network attacks. For internal networks, we leverage IEEE standard 802.1x for wired and wireless network authentication methods.

Architecture - Our network security architecture consists of multiple security zones. More sensitive systems, like database servers, are protected in our most trusted zones. Other systems are housed in zones commensurate with their sensitivity, depending on function, information classification, and risk. Depending on the zone, additional security monitoring and access controls will apply. DMZs are utilized between the Internet, and internally between the different zones of trust.

Network Vulnerability Scanning - We leverage network security scanning that provides deep insight and quick identification of out-of-compliance or potentially vulnerable systems.

Threat Intelligence Program - Snap One participates in threat intelligence sharing programs. We monitor threats posted to these threat intelligence networks and proactively take action based on our risk and exposure. Security Incident Response - In case of a system alert, events are escalated to our 24/7 Incident Response Team, who are trained on security incident response processes, including communication channels and escalation paths.

Penetration Testing - We conduct annual third-party penetration tests along with quarterly internal penetration tests.

Availability icon

Availability & Continuity

Uptime - Snap One maintains a system-status log which includes system availability details, scheduled maintenance, service incident history, and relevant security events.

Redundancy - Snap One employs service clustering and network redundancies to eliminate single points of failure. Our strict backup regime ensures Service Data is actively replicated across primary and secondary DR systems and facilities. Our co-location databases are stored on efficient Flash Memory devices with multiple servers per database cluster.

Computer and on screen mouse icon

Email & End-Point Protection

Email Protection - We leverage next-generation email protection. Our solution is AI and machine learning-based and has an event detection and response team that provides oversight 24/7/365. Our solution ensures that embedded links and attachments are valid and secure. In addition, our solution guards against impersonation and phishing attempts.

End-Point Protection - We leverage next-generation end-point protection on laptops, Mac, and servers. This next-gen solution is cloud-based and operates 24/7/365 to protect against malware and other threats. Our solution proactively identifies unauthorized systems and applications and provides real-time alerts on the use of privileged credentials. The platform identifies attacks and stops breaches 24/7 with a team of experts that proactively hunt, investigate, and advise on threat activity in our environment.

People icon

Employee Awareness & Training

Awareness Program - Our cybersecurity team conducts routine awareness communications to all employees throughout the year. Updates on cybersecurity programs and employee best practices are shared via employee communication programs sponsored by our cybersecurity team.

Information Security Policy - Our cybersecurity and risk management teams maintain a comprehensive set of cyber and information risk management policies that are communicated, monitored, and audited routinely. We also require employee attestation regarding the information security policy on an annual basis.

Learning Program - Our cybersecurity team put together a comprehensive information risk management learning program. This online training program is available to employees 24/7. Employees are required to take key modules each year. Our cybersecurity team spotlights modules throughout the year in company newsletters and shares current insights into the world of cybersecurity, to focus on what each employee can do to protect our company and our customers.

Products and solutions icon

Snap One Products and Solutions

Software Scanning/External Reviews - Static code scans are routinely performed, and external source code reviews are conducted on a regular basis to look for and remediate potential vulnerabilities.

IP-Based Products - We regularly conduct cybersecurity-based vulnerability tests of our IP-based products. These are performed by an independent third-party cybersecurity company.

Report Security Vulnerabilities

We take the quality of our products and potential vulnerabilities seriously.
Please report vulnerabilities responsibly.
See our Vulnerability Disclosure Policy

Submit Report
Snap One logo white version
Contact UsLegalPrivacy & SecurityCareersInvestorsReport Vulnerability
Cookies

© 2024 Snap One, LLC. All rights reserved.

Designated trademarks are the property of their respective owners. Use of this website implies acceptance of Snap One's Website Terms of Use and Privacy Policy.

Phone

(866) 424-4489
Facebook logo
Instagram logo
Youtube logo
Twitter logo

© 2024 Snap One, LLC. All rights reserved.

Designated trademarks are the property of their respective owners. Use of this website implies acceptance of Snap One's Website Terms of Use and Privacy Policy.