Security

Connect with confidence

Thousands of businesses and millions of people trust Calendly for confident, worry-free calendar connections.

Connect with confidence
Privacy and security standards

How we keep your data secure

Calendly dispose d'une équipe dédiée d'experts en matière de conformité et de sécurité pour nous aider à respecter nos normes rigoureuses en matière de protection de la vie privée et de sécurité. Nos politiques, procédures et technologies nous permettent de respecter et de dépasser les exigences des normes du secteur.

Hébergement de données
Hébergement de données
Amazon Web Services

Heroku’s physical infrastructure is hosted and managed within Amazon’s secure data centers. Calendly leverages all of the platform’s built-in security, privacy and redundancy features. AWS continually monitors its data centers for risk and undergoes assessments to ensure compliance with industry standards. Amazon’s data center operations have been accredited under: ISO 27001, SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II), PCI Level 1, FISMA Moderate and Sarbanes-Oxley (SOX).

Heroku

The Calendly application is hosted on Heroku using AWS technology. See Heroku’s Commitment to Trust.

Google

Calendly backups are replicated between AWS and Google Cloud Platform for high redundancy. See Google’s Trust and Security.

Cryptage

Data that passes through Calendly is encrypted, both in transit and at rest. All connections from the browser to the Calendly platform are encrypted in transit using TLS SHA-256 with RSA Encryption. Calendly requires HTTPS for all services. Calendly uses HSTS to ensure browsers interact with Calendly only over HTTPS and is on the HSTS preloaded lists for both Google Chrome and Mozilla Firefox.

Programmes de sécurité et de conformité
Personne
Vérifications en arrière-plan

All Calendly employees go through a thorough background check before hire.

Formation

While we retain a minimal amount of customer data and limit internal access on a need-to-know basis, all employees are trained on security and data handling to ensure that they uphold our strict commitment to the privacy and security of your data.

Confidentialité

All employees sign a confidentiality agreement before they start at Calendly.

Fiabilité et redondance.
Continuité business et récupération après sinistre

We have business continuity and disaster recovery plans in place that replicate our database and back up the data onto multiple cloud providers to ensure high availability.

Cycle de développement logiciel
Vérifications de routine

Calendly continuously scans the product for service interruptions, performance degradation and security vulnerabilities to immediately alert our engineers and take action when an incident has been detected.

Nouvelles versions

New releases to the Calendly platform are thoroughly reviewed and tested to ensure high availability and a great customer experience. Changes to our codebase are required to include unit tests, integration tests and end-to-end tests. Changes are run against our continuous integration server, which enables us to automatically detect any issues in development.

Tests d’assurance qualité

Once a changeset is completed, it is manually peer reviewed by one or more members of the engineering team. The changeset is then evaluated and manually tested by our quality assurance team to thoroughly test areas of expected impact, regression test and further evaluate the user experience.

Surveillance continue

After a changeset is released, we continue to monitor application exceptions and log exceptions. These exceptions are regularly reviewed and triaged for resolution. Performance impacts of the changeset are monitored through several monitoring services.

Contrôle de vulnérabilité
Gestion de terminaux mobiles (GTM)

We secure our employees' machines and laptops using mobile device management to ensure that each device follows our information security standards, including encryption.

Prévention des logiciels malveillants

Our employees’ equipment is defended by anti-malware software, and we run routine phishing tests to further educate and train employees.

Recherche de vulnérabilité

We keep our systems up to date with the latest security patches and continuously monitor for new vulnerabilities through compliance and security mailing lists. This includes automatic scanning of our code repositories for vulnerable dependencies.

Mesures de sécurité d’application
Authentification
Protection des identifiants de connexion

For Google Calendar and Office365 calendar connections, Calendly never collects passwords. Using a secure OAuth connection to sync these calendars only grants Calendly access to your calendar account through a secure token from your email provider. This also enables you to set additional security precautions with that provider including 2-factor authentication (2FA). For iCloud users, we recommend setting up 2FA and application-specific passwords. For organizations with enhanced security requirements, Calendly supports SAML-based Single sign-on (SSO) with the following identity providers: Okta, Ping Identity, Azure, OneLogin, and Auth0.

User provisioning and deprovisioning

Calendly offers seamless OAuth through Google Calendar and Office365, calendar connection is eliminated automatically when your account is canceled. For larger organizations, Calendly supports automatic provisioning and deprovisioning via SCIM if using one of our supported identity providers: Okta, Ping Identity, Azure, OneLogin, and Auth0.

Clients Calendly

Nous avons gagné leur confiance

Calendly partner 0
Calendly partner 1
Calendly partner 2
Calendly partner 3
Calendly partner 4
Calendly partner 5
Détails de sécurité

Certifications et conformité

certification shape
SOC 2 Type 2

SOC 2 est la référence en matière de sécurité et de conformité. Nous avons obtenu la certification SOC 2 Type 2 pour notre engagement à établir et à suivre des politiques et des procédures de sécurité.

Conforme PCI

We are PCI compliant through our payment processor, Stripe, which encrypts and stores credit card details.

Respect du RGPD

Nous avons intégré les normes du RGPD dans nos pratiques en matière de données pour faire en sorte que nos clients, qu'ils soient citoyens de l’UE ou des entreprises travaillant avec des clients européens, se sentent en sécurité en utilisant Calendly.

Consultez notre politique de confidentialité détaillée

En savoir plus
Consultez notre politique de confidentialité détaillée branding

Consultez nos conditions d'utilisation détaillées

En savoir plus
Consultez nos conditions d'utilisation détaillées branding

Lisez notre livre blanc

Télécharger maintenant
Lisez notre livre blanc branding

Abonnez-vous à notre newsletter