Trust, transparency, and security in one place
Everything security, privacy, compliance, and trust teams need to evaluate Flinque as a vendor. Documentation, certifications, sub-processors, and real-time status in one central hub.
Security
How we protect the Flinque influencer marketing platform and your data.
Defense in depth
Multi-zone hosting, encrypted data at rest and in transit, secure key management, and continuous monitoring across all systems.
Role-based, least-privilege
MFA for all admin access, role-based access control, regular access reviews, and immediate revocation on role changes.
72-hour notification
Documented incident response process, 72-hour breach notification to affected customers, and transparent post-incident reviews.
Continuous testing
Regular vulnerability scanning, penetration testing, and a responsible disclosure program for security researchers.
Privacy and Data Protection
How we handle personal data and respect individual rights.
Regulatory Compliance
Frameworks we align with and enforce.
Data Processing Agreement
Our GDPR Article 28 processor agreement, covering controller-processor responsibilities, sub-processor management, audit rights, international transfers, and breach notification. Automatically in force for all customers.
- GDPR Article 28 compliant
- Module 2 and Module 3 SCCs included
- UK IDTA and Swiss Addendum supported
- 30-day sub-processor notification
- Audit rights for Enterprise
- 72-hour breach notification SLA
Sub-processors and Vendor Management
Complete transparency on third parties that process data on our behalf.
Current sub-processors
Organized by 9 functional categories. Every vendor is vetted, contractually bound, and monitored.
Change notifications
Subscribe to receive 30-day advance notice of new sub-processors with objection rights for Enterprise customers.
Service Reliability
Uptime commitments and real-time status.
99.9% Starter, 99.95% Enterprise
Published uptime targets with tiered service credits, incident response SLAs, and post-incident reviews for all P1 incidents.
Status page
Live operational status, historical incidents, scheduled maintenance, and subscription options for status alerts.
Ethical Commitments
Going beyond compliance to lead on creator and user welfare.
Creator Bill of Rights
11 commitments to every creator whose data appears in our platform, including transparent scoring, opt-out rights, and no retaliation.
Influencer Disclosure Guidelines
FTC, UK ASA, and EU disclosure guidance for customers running compliant campaigns through Flinque.
Acceptable Use Policy
Clear rules for how the platform should be used, with enforcement tiers and appeal rights.
IP Rights Policy
Ownership, licensing, and respect for third-party intellectual property across our platform.
Documentation for Security and Procurement Teams
Materials available on request for Enterprise evaluations.
Available Materials
- Technical and Organizational Measures (TOMs) summary
- SIG questionnaire response
- CAIQ questionnaire response
- Penetration test executive summary
- Sub-processor due diligence summary
- Transfer Impact Assessment (TIA) summary
- Business continuity summary
- Countersigned DPA
- Security incident response plan overview
How to Request
Most materials are available under mutual NDA. Enterprise prospects can request a full security questionnaire response through our contact page.
Our Legal and Privacy team typically responds within 5 business days.
Complete Policy Library
Every Flinque policy, organized by category.
Foundational
Data and Privacy
Security and Operations
Creator and Content
Talk to our Legal and Privacy team
For security questionnaires, countersigned DPAs, custom SLA arrangements, audit requests, or any other trust-related matters, we are here to help. Enterprise prospects typically receive a response within 5 business days.
#8, Newbury Street
700 Boylston St
Boston, Massachusetts 02116
United States