As a data-driven platform helping apparel and footwear brands measure and reduce their environmental impact, ensuring the security of our systems and customer information is critical. With this mission in mind, we’re excited to announce that Carbonfact is now SOC 2 compliant, marking a major milestone in our commitment to information security and customer trust.
Carbonfact has grown significantly over the past years. Following our Series A funding and the onboarding of an increasing number of clients, we recognized that this was the right time to pursue SOC 2 compliance. Partially to solidify our already-existing high standard of data and privacy protection, but also as a means to further improve it.
Therefore, we partnered with Advantage Partners and Vanta to seamlessly guide us through the compliance process.
Carbonfact Is Now SOC 2 Compliant
SOC 2 (Service Organization Control 2) is a framework developed by the American Institute of Certified Public Accountants (AICPA) to evaluate how organizations manage customer data.
Being SOC 2 compliant means that an independent auditor has reviewed a company’s security policies, procedures, and operational evidence to confirm that its controls are properly designed and effectively implemented. A SOC 2 report provides external validation of a company’s commitment to data security and the responsible handling of customer information.
For Carbonfact, this compliance milestone is particularly important. As a platform that processes and analyzes large volumes of supply chain and product-level environmental data, our clients trust us with sensitive information. SOC 2 compliance ensures that this data is handled with the highest standards of security, reinforcing our role as a reliable partner in helping brands decarbonize.
Carbonfact’s Co-founder and Chief Technology Officer, Romain Champourlier, shares:
“At Carbonfact, we believe that decarbonization is a data problem, because accurate and secure information is essential to measuring carbon footprints effectively. Given the volume of data we handle daily, maintaining SOC 2 compliance is an ongoing priority. We will continue regular audits, explore advanced security technologies, and stay ahead of evolving risks.”
What Does SOC 2 Compliance Mean for Our Clients?
The protection of customer data is a core priority for Carbonfact’s team, and we’re committed to maintaining strong security and compliance practices.
SOC 2 compliance provides our clients with clear assurance that:
- Their data is handled according to well-established AICPA industry standards
- Our data security measures and processes have been independently reviewed and verified
- We have effective controls in place to manage sensitive product and supply chain information
Lidia Lüttin
Martin Daniel
