Document Control:

• PUBLIC (Limited) - Version 1.5 - Approved 2024-11-07 (clarifies bug bounty)
• PUBLIC (Limited) - Version 1.4 - Approved 2022-06-01 (Adds SOC 2 type 2)
• PUBLIC (Limited) - Version 1.3 - Approved 2020-11-11 (Adds SOC 2)
• PUBLIC (Limited) - Version 1.2 - Approved 2020-07-06
• PUBLIC (Limited) - Version 1.1 - Approved 2019-07-11
• PUBLIC (Limited) - Version 1.0 - Approved 2019-07-08

This document outlines the security and related technology practices at Pon HQ Pty Ltd (Pyn). If you have any questions, contact your Pyn Representative, or email the Pyn Security Team at [email protected]

Key Points

• Pyn is a platform for automating and analyzing communications and learning for employees.
• Pyn is principally driven by employee data, and as such integrates with Human Resource Information Systems (HRIS) such as BambooHR, Namely, or Workday.
• The delivery of Pyn content is configurable, but will typically be via Slack, Teams, or Email.
• Managing employee data requires security as a founding concern. The Pyn platform and practices are built and configured with security as primary requirement.
• The Pyn team is principally based in Sydney, Australia. We also have employees in San Francisco, California.
• All production systems are hosted on Amazon Web Services (AWS). Customers have the option of selecting hosting in the United States of America (US) or European Union (EU).
• Pyn is SOC 2 Type 2 Certified. Our Auditor's report is available on request.