Stop losing winnable deals

Boost win rates, increase average deal size, and increase revenue per rep with Gong, the #1 revenue AI platform.

Thank you for your submission.

COMPLIANCE AT GONG

WE GET COMPLIANCE,
YOU FOCUS ON BUSINESS

Gong provides solutions to meet your compliance requirements.

SOC 2 (Type 2)

Trust Services Principles

SOC 2 Type 2 is an assessment of Gong’s security safeguards for protecting customer data

ISO/IEC 27001

Information Security Management System (ISMS)

ISO 27001 globally recognized, standards-based approach to security. Valid until Oct 2025

ISO/IEC 27017

Information Security Management System (ISMS)

ISO 21017 – Certificate (#1122102) – information security controls for cloud service providers

ISO/IEC 27018

Information Security Management System (ISMS)

ISO 27018 – Certificate (#1122103) protecting PII in cloud

ISO/IEC 27701

Privacy Information Management System (PIMS)

ISO 27701 is a globally recognized, privacy-based certification. Valid until July 2027

PCI DSS

The Payment Card Industry Data Security Standard

PCI compliant mechanism (SAQ-D) to ingest calls from external telephony systems

Security Requirements

Health Information Privacy

HIPAA Security Requirements to principles and criteria

Security Trust Assurance and Risk (STAR) Registry

Cloud Security Alliance

Self Assessment for Gong Reality Platform

Data Privacy Framework (DPF) Program

Gong is certified with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).

GDPR

Gong has implemented measures to ensure you remain GDPR compliant.

  • Links to help you gain consent to record
  • Product details about exporting and deleting data
  • List of subprocessors
Learn More
For questions around how personal data is processed, collected, stored, and deleted.

CONSENT COMPLIANCE

Some countries and U.S. states require that both parties on a call must be notified that the call is being recorded. As a best practice, we recommend including this notification regardless of the call participants’ locations.

  • Pre-call email
  • Personalized consent page
  • Gong audio prompt or Zoom consent features

GDPR

Gong has implemented measures to ensure you remain GDPR compliant.

  • Links to help you gain consent to record
  • Product details about exporting and deleting data
  • List of subprocessors
Learn More
For questions around how personal data is processed, collected, stored, and deleted.

CONSENT COMPLIANCE

Some countries and U.S. states require that both parties on a call must be notified that the call is being recorded. As a best practice, we recommend including this notification regardless of the call participants’ locations.

  • Pre-call email
  • Personalized consent page
  • Gong audio prompt or Zoom consent features

Gong passed the security review conducted by the Salesforce security team to be publicly listed on the AppExchange