Security & Compliance
Security & Compliance
Security & Compliance
Concord provides a SOC 2 type II report. This report can be accessed through our Conveyor portal.
Concord values your privacy. You can choose where your data is stored, and also have the option to enter into a Data Processing Agreement.
Concord has received a Star Level One rating from the Cloud Security Alliance — the highest transparency rating.
Concord’s servers are hosted on AWS, in compliance with SOC 1, SOC 2, SOC 3, ISO 27x, FedRamp, PCI DSS, HIPAA, FIPS, FISMA, and CSA.
The DPF enables U.S. organizations to transfer personal data from the EU, UK, and Switzerland in line with privacy laws. Concord is certified under the EU-U.S. DPF and its UK and Swiss extensions.
Concord provides a SOC 2 type II report. This report can be accessed through our Conveyor portal.
Concord values your privacy. You can choose where your data is stored, and also have the option to enter into a Data Processing Agreement.
Concord has received a Star Level One rating from the Cloud Security Alliance — the highest transparency rating.
Concord’s servers are hosted on AWS, in compliance with SOC 1, SOC 2, SOC 3, ISO 27x, FedRamp, PCI DSS, HIPAA, FIPS, FISMA, and CSA.
The DPF enables U.S. organizations to transfer personal data from the EU, UK, and Switzerland in line with privacy laws. Concord is certified under the EU-U.S. DPF and its UK and Swiss extensions.
Concord provides a SOC 2 type II report. This report can be accessed through our Conveyor portal.
Concord values your privacy. You can choose where your data is stored, and also have the option to enter into a Data Processing Agreement.
Concord has received a Star Level One rating from the Cloud Security Alliance — the highest transparency rating.
Concord’s servers are hosted on AWS, in compliance with SOC 1, SOC 2, SOC 3, ISO 27x, FedRamp, PCI DSS, HIPAA, FIPS, FISMA, and CSA.
The DPF enables U.S. organizations to transfer personal data from the EU, UK, and Switzerland in line with privacy laws. Concord is certified under the EU-U.S. DPF and its UK and Swiss extensions.
Application Security
Application Security
Application Security
![](data:image/svg+xml,<svg display="block" role="presentation" viewBox="0 0 42 42" xmlns="http://www.w3.org/2000/svg"><path d="M 36.667 26.667 C 36.666 25.194 35.473 24 34 24 L 4.667 24 C 3.194 24 2 25.194 2 26.667 L 2 34 C 2 35.473 3.194 36.666 4.667 36.667 L 34 36.667 C 35.473 36.667 36.667 35.473 36.667 34 Z M 8.352 29.334 L 8.454 29.338 C 8.958 29.39 9.352 29.816 9.352 30.334 C 9.352 30.851 8.958 31.277 8.454 31.328 L 8.352 31.334 L 8.333 31.334 C 7.781 31.334 7.334 30.886 7.333 30.334 C 7.333 29.781 7.781 29.334 8.333 29.334 Z M 36.667 4.667 C 36.666 3.194 35.473 2 34 2 L 4.667 2 C 3.194 2 2 3.194 2 4.667 L 2 12 C 2 13.473 3.194 14.666 4.667 14.667 L 34 14.667 C 35.473 14.667 36.667 13.473 36.667 12 Z M 8.352 7.333 L 8.454 7.338 C 8.958 7.39 9.352 7.816 9.352 8.333 C 9.352 8.851 8.958 9.277 8.454 9.328 L 8.352 9.334 L 8.333 9.334 C 7.781 9.334 7.334 8.886 7.333 8.333 C 7.333 7.781 7.781 7.333 8.333 7.333 Z M 38.667 34 C 38.667 36.577 36.577 38.667 34 38.667 L 4.667 38.667 C 2.089 38.666 0 36.577 0 34 L 0 26.667 C 0 24.089 2.089 22 4.667 22 L 34 22 C 36.577 22 38.666 24.089 38.667 26.667 Z M 38.667 12 C 38.667 14.577 36.577 16.667 34 16.667 L 4.667 16.667 C 2.089 16.666 0 14.577 0 12 L 0 4.667 C 0 2.089 2.089 0 4.667 0 L 34 0 C 36.577 0 38.666 2.089 38.667 4.667 Z" fill="rgb(0, 0, 0)" height="38.66651335144043px" id="KSe2n6qrM" transform="translate(1.667 1.667)" width="38.666508px"/></svg>)
Concord stores all content in geographically dispersed, ISO 27001-certified and SSAE 16-audited, data centers throughout the United States and Europe. These data centers include state-of-the-art physical and environmental access controls and safety features.
![](data:image/svg+xml,<svg display="block" role="presentation" viewBox="0 0 42 42" xmlns="http://www.w3.org/2000/svg"><path d="M 36.593 17.073 C 36.593 16.623 36.474 16.182 36.248 15.793 C 36.021 15.405 35.695 15.084 35.304 14.863 L 33.943 14.094 L 21.334 21.195 L 25.625 23.612 L 25.74 23.673 C 26.014 23.807 26.315 23.878 26.621 23.878 C 26.97 23.878 27.314 23.786 27.617 23.612 L 27.624 23.608 L 35.305 19.282 C 35.696 19.06 36.021 18.739 36.248 18.352 C 36.474 17.963 36.593 17.522 36.593 17.073 Z M 5.63 28.293 C 5.629 28.802 5.769 29.301 6.033 29.736 C 6.296 30.17 6.672 30.523 7.122 30.758 L 18.122 36.405 L 18.126 36.407 L 18.264 36.473 C 18.275 36.478 18.286 36.482 18.297 36.486 L 18.297 22.906 L 13.957 25.351 L 13.957 25.35 C 13.387 25.674 12.748 25.854 12.095 25.875 L 11.963 25.878 C 11.264 25.878 10.576 25.696 9.968 25.35 L 5.63 22.9 Z M 28.606 25.351 L 28.605 25.35 C 28.001 25.696 27.317 25.878 26.621 25.878 C 25.924 25.878 25.24 25.696 24.636 25.35 L 20.297 22.907 L 20.297 36.486 C 20.354 36.462 20.412 36.436 20.467 36.407 L 20.472 36.405 L 31.472 30.758 C 31.921 30.523 32.298 30.17 32.561 29.736 C 32.824 29.301 32.964 28.802 32.963 28.293 L 32.963 22.896 Z M 6.688 12.946 L 19.296 20.048 L 31.907 12.945 L 19.308 5.833 Z M 2 17.073 C 2 17.522 2.119 17.963 2.346 18.352 C 2.572 18.739 2.897 19.06 3.288 19.282 L 10.952 23.608 L 10.956 23.61 L 11.072 23.672 C 11.349 23.807 11.654 23.878 11.963 23.878 L 12.096 23.873 C 12.403 23.853 12.703 23.764 12.971 23.61 L 12.976 23.608 L 17.259 21.195 L 4.651 14.095 L 3.288 14.864 C 2.897 15.085 2.572 15.406 2.346 15.793 C 2.119 16.182 2 16.623 2 17.073 Z M 36.593 8.823 C 36.593 8.373 36.474 7.932 36.248 7.543 C 36.022 7.156 35.697 6.835 35.307 6.614 L 27.608 2.288 C 27.301 2.116 26.955 2.026 26.603 2.026 C 26.251 2.026 25.906 2.116 25.599 2.287 L 25.6 2.287 L 21.344 4.686 L 33.944 11.798 L 35.304 11.032 C 35.695 10.811 36.021 10.49 36.248 10.102 C 36.474 9.713 36.593 9.272 36.593 8.823 Z M 2 8.823 C 2 9.272 2.119 9.713 2.346 10.102 C 2.572 10.489 2.897 10.81 3.288 11.031 L 4.651 11.799 L 17.273 4.684 L 12.994 2.269 L 12.988 2.265 C 12.723 2.113 12.426 2.024 12.122 2.004 L 11.991 2 C 11.641 2 11.297 2.091 10.994 2.265 L 10.988 2.269 L 3.289 6.612 L 3.289 6.613 C 2.898 6.834 2.572 7.155 2.346 7.543 C 2.119 7.932 2 8.373 2 8.823 Z M 38.593 8.823 C 38.593 9.626 38.38 10.415 37.975 11.109 C 37.57 11.803 36.988 12.377 36.289 12.773 L 36.288 12.774 L 35.979 12.947 L 36.288 13.122 L 36.289 13.122 L 36.418 13.198 C 37.06 13.59 37.595 14.135 37.975 14.786 C 38.38 15.48 38.593 16.269 38.593 17.073 C 38.593 17.876 38.38 18.665 37.975 19.359 C 37.57 20.053 36.988 20.627 36.289 21.023 L 36.288 21.024 L 34.963 21.769 L 34.963 28.291 L 34.961 28.456 C 34.934 29.274 34.696 30.072 34.271 30.774 C 33.817 31.522 33.166 32.131 32.39 32.535 L 32.385 32.537 L 21.385 38.184 L 21.385 38.184 C 20.772 38.501 20.095 38.674 19.406 38.691 C 19.37 38.695 19.334 38.698 19.297 38.698 C 19.26 38.698 19.223 38.695 19.187 38.691 C 18.498 38.674 17.821 38.501 17.208 38.184 L 6.208 32.537 L 6.204 32.535 C 5.427 32.131 4.777 31.522 4.323 30.774 C 3.869 30.026 3.629 29.167 3.63 28.291 L 3.63 21.771 L 2.305 21.023 L 2.304 21.023 C 1.605 20.627 1.023 20.053 0.618 19.359 C 0.213 18.665 0 17.876 0 17.073 C 0 16.269 0.213 15.48 0.618 14.786 C 1.023 14.092 1.605 13.518 2.304 13.122 L 2.306 13.122 L 2.614 12.947 L 2.306 12.774 L 2.304 12.773 C 1.605 12.377 1.023 11.803 0.618 11.109 C 0.213 10.415 0 9.626 0 8.823 C 0 8.019 0.213 7.23 0.618 6.536 C 1.023 5.842 1.605 5.268 2.304 4.872 L 2.305 4.872 L 9.999 0.53 C 10.606 0.183 11.292 0 11.991 0 L 12.122 0.002 C 12.773 0.023 13.41 0.203 13.977 0.527 L 19.309 3.537 L 24.617 0.545 L 24.62 0.543 L 24.735 0.481 C 25.311 0.183 25.952 0.026 26.603 0.026 C 27.253 0.026 27.894 0.183 28.47 0.481 L 28.584 0.543 L 28.586 0.544 L 36.287 4.871 L 36.289 4.872 L 36.418 4.948 C 37.06 5.34 37.595 5.885 37.975 6.536 C 38.38 7.23 38.593 8.019 38.593 8.823 Z" fill="rgb(0, 0, 0)" height="38.697796999999994px" id="ZkOr2lvZL" transform="translate(1.703 1.636)" width="38.593275px"/></svg>)
All data in Concord is encrypted in transit and at rest. We use TLS 1.2 or higher for data in transit, and banking industry standard AES-256 encryption for data at rest.
![](data:image/svg+xml,<svg display="block" role="presentation" viewBox="0 0 42 42" xmlns="http://www.w3.org/2000/svg"><path d="M 33 4.667 C 33 3.24 31.88 2.075 30.471 2.003 L 30.334 2 L 4.667 2 C 3.194 2 2 3.194 2 4.667 L 2 30.334 L 2.003 30.471 C 2.075 31.88 3.24 33 4.667 33 L 30.334 33 C 31.806 33 33 31.806 33 30.334 Z M 25.834 24.834 C 25.833 25.386 25.386 25.833 24.834 25.834 C 24.281 25.834 23.834 25.386 23.834 24.834 L 23.834 12.581 L 10.874 25.541 C 10.483 25.931 9.85 25.931 9.459 25.541 C 9.069 25.15 9.069 24.517 9.459 24.127 L 22.419 11.167 L 10.167 11.167 C 9.614 11.166 9.167 10.719 9.167 10.167 C 9.167 9.614 9.614 9.167 10.167 9.167 L 24.834 9.167 C 25.386 9.167 25.833 9.614 25.834 10.167 Z M 35 30.334 C 35 32.911 32.911 35 30.334 35 L 4.667 35 C 2.17 35 0.131 33.039 0.006 30.573 L 0 30.334 L 0 4.667 C 0 2.089 2.089 0 4.667 0 L 30.334 0 L 30.573 0.006 C 33.039 0.131 35 2.17 35 4.667 Z" fill="rgb(0, 0, 0)" height="35px" id="HnusuFH6X" transform="translate(2.5 3.5)" width="35px"/></svg>)
Concord employees only have access to customer data on a strict need-to-know basis. Customers have granular access management with complex passwords, SSO, and two-factor authentication (2FA).
![](data:image/svg+xml,<svg display="block" role="presentation" viewBox="0 0 42 42" xmlns="http://www.w3.org/2000/svg"><path d="M 29.333 8.334 C 29.333 8.113 29.245 7.901 29.089 7.745 C 28.933 7.589 28.721 7.501 28.5 7.501 C 24.514 7.501 19.729 5.172 16.411 2.274 L 16.33 2.212 C 16.137 2.075 15.905 2 15.666 2 C 15.394 2 15.13 2.097 14.923 2.274 L 14.922 2.274 C 11.726 5.063 7.119 7.354 3.21 7.494 L 2.833 7.501 C 2.612 7.501 2.4 7.589 2.244 7.745 C 2.088 7.901 2 8.113 2 8.334 L 2 21.167 C 2 25.487 3.5 28.674 5.879 31.111 C 8.136 33.422 11.223 35.097 14.69 36.364 L 15.388 36.612 L 15.411 36.621 L 15.479 36.643 C 15.637 36.686 15.804 36.682 15.961 36.631 C 19.703 35.327 23.051 33.582 25.456 31.114 C 27.833 28.675 29.333 25.487 29.333 21.167 Z M 14.666 24.834 L 14.666 20.334 L 10.166 20.334 C 9.614 20.334 9.167 19.886 9.167 19.334 C 9.167 18.782 9.614 18.334 10.166 18.334 L 14.666 18.334 L 14.666 13.834 C 14.667 13.282 15.114 12.834 15.666 12.834 C 16.219 12.834 16.666 13.282 16.666 13.834 L 16.666 18.334 L 21.166 18.334 L 21.269 18.339 C 21.773 18.391 22.166 18.816 22.166 19.334 C 22.166 19.852 21.773 20.278 21.269 20.329 L 21.166 20.334 L 16.666 20.334 L 16.666 24.834 C 16.666 25.386 16.219 25.834 15.666 25.834 C 15.114 25.834 14.666 25.386 14.666 24.834 Z M 31.333 21.167 C 31.333 26.015 29.625 29.702 26.888 32.51 C 24.347 35.117 20.959 36.928 17.345 38.26 L 16.619 38.52 L 16.611 38.523 C 16.001 38.729 15.34 38.722 14.735 38.502 L 14.735 38.503 C 10.84 37.158 7.161 35.287 4.448 32.509 C 1.708 29.702 0 26.015 0 21.167 L 0 8.334 C 0 7.583 0.299 6.862 0.83 6.331 C 1.361 5.799 2.082 5.501 2.833 5.501 L 3.149 5.495 C 6.447 5.372 10.631 3.368 13.615 0.761 L 13.623 0.754 C 14.193 0.267 14.918 0 15.666 0 C 16.369 0 17.049 0.235 17.601 0.665 L 17.709 0.754 L 17.718 0.761 L 18.012 1.013 C 21.086 3.595 25.261 5.501 28.5 5.501 C 29.251 5.501 29.972 5.799 30.503 6.331 C 31.035 6.862 31.333 7.583 31.333 8.334 Z" fill="rgb(0, 0, 0)" height="38.67256707920582px" id="NDHVHZK7_" transform="translate(6.333 1.666)" width="31.333492px"/></svg>)
Concord uses redundant geo-dispersed servers; we can adjust their capabilities in real-time depending on the current load. In addition to data replication, automated full daily backups prevent any data loss. All backups are encrypted.
![](data:image/svg+xml,<svg display="block" role="presentation" viewBox="0 0 42 42" xmlns="http://www.w3.org/2000/svg"><path d="M 36.667 19.334 C 36.667 9.761 28.906 2 19.334 2 C 9.761 2 2 9.761 2 19.334 C 2 28.906 9.761 36.667 19.334 36.667 C 28.906 36.666 36.666 28.906 36.667 19.334 Z M 19.352 25.667 L 19.454 25.672 C 19.958 25.723 20.352 26.149 20.352 26.667 C 20.352 27.184 19.958 27.61 19.454 27.662 L 19.352 27.667 L 19.334 27.667 C 18.781 27.667 18.334 27.219 18.334 26.667 C 18.334 26.114 18.781 25.667 19.334 25.667 Z M 18.334 19.334 L 18.334 12 C 18.334 11.448 18.781 11 19.334 11 C 19.886 11 20.334 11.448 20.334 12 L 20.334 19.334 C 20.333 19.886 19.886 20.333 19.334 20.334 C 18.781 20.334 18.334 19.886 18.334 19.334 Z M 38.667 19.334 C 38.666 30.011 30.011 38.666 19.334 38.667 C 8.656 38.667 0 30.011 0 19.334 C 0 8.656 8.656 0 19.334 0 C 30.011 0 38.667 8.656 38.667 19.334 Z" fill="rgb(0, 0, 0)" height="38.666512999999995px" id="GB19ZQTVM" transform="translate(1.667 1.667)" width="38.666508px"/></svg>)
Concord’s infrastructure provides security and application monitoring and alerts. Concord has a strict incident management policy in place, in case of a critical alert.
![](data:image/svg+xml,<svg display="block" role="presentation" viewBox="0 0 42 42" xmlns="http://www.w3.org/2000/svg"><path d="M 29.333 8.334 C 29.333 8.113 29.245 7.901 29.089 7.745 C 28.933 7.589 28.721 7.501 28.5 7.501 C 24.514 7.501 19.729 5.172 16.411 2.274 L 16.33 2.212 C 16.137 2.075 15.905 2 15.666 2 C 15.394 2 15.13 2.097 14.923 2.274 L 14.922 2.274 C 11.726 5.063 7.119 7.354 3.21 7.494 L 2.833 7.501 C 2.612 7.501 2.4 7.589 2.244 7.745 C 2.088 7.901 2 8.113 2 8.334 L 2 21.167 C 2 25.487 3.5 28.674 5.879 31.111 C 8.136 33.422 11.223 35.097 14.69 36.364 L 15.388 36.612 L 15.411 36.621 L 15.479 36.643 C 15.637 36.686 15.804 36.682 15.961 36.631 C 19.703 35.327 23.051 33.582 25.456 31.114 C 27.833 28.675 29.333 25.487 29.333 21.167 Z M 20.459 14.96 C 20.85 14.57 21.483 14.57 21.873 14.96 C 22.264 15.351 22.264 15.984 21.873 16.374 L 14.54 23.708 C 14.353 23.895 14.099 24.001 13.833 24.001 C 13.568 24.001 13.314 23.895 13.126 23.708 L 9.459 20.041 L 9.391 19.965 C 9.071 19.573 9.093 18.993 9.459 18.627 C 9.826 18.261 10.405 18.238 10.798 18.559 L 10.873 18.627 L 13.833 21.586 Z M 31.333 21.167 C 31.333 26.015 29.625 29.702 26.888 32.51 C 24.347 35.117 20.959 36.928 17.345 38.26 L 16.619 38.52 L 16.611 38.523 C 16.001 38.729 15.34 38.722 14.735 38.502 L 14.735 38.503 C 10.84 37.158 7.161 35.287 4.448 32.509 C 1.708 29.702 0 26.015 0 21.167 L 0 8.334 C 0 7.583 0.299 6.862 0.83 6.331 C 1.361 5.799 2.082 5.501 2.833 5.501 L 3.149 5.495 C 6.447 5.372 10.631 3.368 13.615 0.761 L 13.623 0.754 C 14.193 0.267 14.918 0 15.666 0 C 16.369 0 17.049 0.235 17.601 0.665 L 17.709 0.754 L 17.718 0.761 L 18.012 1.013 C 21.086 3.595 25.261 5.501 28.5 5.501 C 29.251 5.501 29.972 5.799 30.503 6.331 C 31.035 6.862 31.333 7.583 31.333 8.334 Z" fill="rgb(0, 0, 0)" height="38.67256707920582px" id="deeTEamO2" transform="translate(6.333 1.666)" width="31.333492px"/></svg>)
Concord performs bi-annual external penetration testing as well as a daily internal scan. Concord follows SDLC principles, and addresses any identified vulnerabilities based on a well-defined vulnerability management policy.
![](data:image/svg+xml,<svg display="block" role="presentation" viewBox="0 0 42 42" xmlns="http://www.w3.org/2000/svg"><path d="M 31.167 35.833 L 31.167 31.333 L 26.667 31.333 C 26.114 31.333 25.667 30.886 25.667 30.333 C 25.667 29.781 26.114 29.334 26.667 29.333 L 31.167 29.333 L 31.167 24.833 C 31.167 24.281 31.614 23.834 32.167 23.833 C 32.719 23.833 33.167 24.281 33.167 24.833 L 33.167 29.333 L 37.667 29.333 L 37.769 29.338 C 38.273 29.39 38.667 29.816 38.667 30.333 C 38.666 30.851 38.273 31.277 37.769 31.328 L 37.667 31.333 L 33.167 31.333 L 33.167 35.833 C 33.166 36.386 32.719 36.833 32.167 36.833 C 31.614 36.833 31.167 36.386 31.167 35.833 Z M 23.834 10.166 C 23.833 5.656 20.177 2 15.666 2 C 11.156 2 7.5 5.656 7.5 10.166 C 7.5 14.67 11.145 18.321 15.645 18.333 C 15.661 18.333 15.678 18.333 15.694 18.333 C 20.192 18.318 23.834 14.668 23.834 10.166 Z M 25.833 10.166 C 25.833 14.024 23.684 17.381 20.519 19.103 C 22.454 19.733 24.255 20.737 25.816 22.065 L 26.03 22.25 L 26.103 22.322 C 26.448 22.694 26.461 23.273 26.119 23.662 C 25.776 24.05 25.199 24.109 24.787 23.814 L 24.707 23.75 L 24.521 23.588 C 22.582 21.94 20.22 20.864 17.701 20.485 C 17.049 20.387 16.394 20.336 15.74 20.332 C 15.716 20.333 15.691 20.334 15.666 20.334 C 15.653 20.334 15.64 20.333 15.627 20.332 C 13.709 20.338 11.806 20.748 10.044 21.543 C 7.647 22.625 5.612 24.376 4.186 26.585 C 2.759 28.795 2 31.37 2 34 C 2 34.552 1.552 35 1 35 C 0.448 35 0 34.552 0 34 C 0 30.985 0.87 28.034 2.505 25.5 C 4.141 22.968 6.473 20.96 9.221 19.72 C 9.742 19.485 10.274 19.279 10.814 19.102 C 7.649 17.38 5.5 14.024 5.5 10.166 C 5.5 4.552 10.052 0 15.666 0 C 21.281 0 25.833 4.552 25.833 10.166 Z" fill="rgb(0, 0, 0)" height="36.833499908447266px" id="rteH2wsvX" transform="translate(3 4)" width="38.666500091552734px"/></svg>)
Concord only uses third-party subprocessors after performing careful due diligence. We perform an annual review of all our subprocessors.
![](data:image/svg+xml,<svg display="block" role="presentation" viewBox="0 0 42 42" xmlns="http://www.w3.org/2000/svg"><path d="M 36.667 11.167 L 2 11.167 L 2 23 C 2 24.473 3.194 25.666 4.667 25.667 L 34 25.667 C 35.473 25.667 36.667 24.473 36.667 23 Z M 36.667 4.667 C 36.666 3.194 35.473 2 34 2 L 4.667 2 C 3.194 2 2 3.194 2 4.667 L 2 9.167 L 36.667 9.167 Z M 38.667 23 C 38.667 25.577 36.577 27.667 34 27.667 L 4.667 27.667 C 2.089 27.666 0 25.577 0 23 L 0 4.667 C 0 2.089 2.089 0 4.667 0 L 34 0 C 36.577 0 38.666 2.089 38.667 4.667 Z" fill="rgb(0, 0, 0)" height="27.666513000000002px" id="yicPQXhrE" transform="translate(1.667 6.167)" width="38.666508px"/></svg>)
Concord uses a PCI Data Security Standard (PCI DSS) Level 1 provider to process payments. PCI Data Security Standard (PCI DSS), to maintain a secure environment.
![](data:image/svg+xml,<svg display="block" role="presentation" viewBox="0 0 42 42" xmlns="http://www.w3.org/2000/svg"><path d="M 19.488 0.006 C 19.798 0.032 20.098 0.133 20.361 0.3 L 20.49 0.39 L 20.61 0.489 C 20.843 0.697 21.021 0.959 21.129 1.251 L 21.177 1.4 L 21.183 1.42 L 24.081 12.668 L 24.131 12.838 C 24.262 13.233 24.483 13.592 24.777 13.887 C 25.114 14.224 25.536 14.465 25.997 14.584 L 25.997 14.584 L 37.244 17.482 L 37.261 17.486 C 37.614 17.584 37.932 17.781 38.176 18.052 L 38.276 18.172 L 38.366 18.301 C 38.562 18.609 38.667 18.967 38.667 19.334 C 38.667 19.753 38.53 20.161 38.276 20.495 C 38.053 20.787 37.753 21.008 37.41 21.134 L 37.261 21.182 C 37.255 21.183 37.25 21.185 37.244 21.186 L 25.997 24.084 L 25.997 24.085 C 25.536 24.204 25.114 24.444 24.777 24.781 C 24.44 25.118 24.2 25.539 24.081 26.001 L 21.181 37.248 L 21.175 37.268 C 21.063 37.67 20.821 38.025 20.488 38.278 C 20.155 38.531 19.748 38.668 19.33 38.668 C 18.911 38.668 18.505 38.531 18.171 38.278 C 17.88 38.057 17.658 37.757 17.532 37.416 L 17.484 37.268 C 17.482 37.261 17.48 37.254 17.478 37.248 L 14.58 26.001 L 14.53 25.829 C 14.399 25.435 14.179 25.076 13.884 24.781 C 13.589 24.486 13.229 24.265 12.835 24.135 L 12.664 24.085 L 1.417 21.184 L 1.394 21.178 C 0.992 21.064 0.639 20.822 0.388 20.489 C 0.168 20.198 0.036 19.851 0.006 19.49 L 0 19.334 L 0.006 19.178 C 0.036 18.817 0.168 18.469 0.388 18.178 L 0.486 18.058 C 0.728 17.787 1.042 17.589 1.394 17.49 L 1.417 17.484 L 12.664 14.582 L 12.835 14.531 C 13.229 14.401 13.589 14.18 13.883 13.886 C 14.22 13.549 14.461 13.128 14.58 12.667 L 17.48 1.42 L 17.486 1.4 L 17.534 1.251 C 17.66 0.91 17.882 0.611 18.173 0.39 L 18.301 0.3 C 18.608 0.105 18.965 0 19.332 0 Z M 16.517 13.167 L 16.517 13.168 C 16.308 13.975 15.887 14.711 15.297 15.3 C 14.745 15.853 14.062 16.257 13.314 16.477 L 13.164 16.518 L 2.252 19.334 L 13.164 22.148 L 13.314 22.189 C 14.063 22.409 14.745 22.814 15.298 23.367 C 15.851 23.92 16.255 24.602 16.475 25.35 L 16.517 25.501 L 16.517 25.501 L 19.329 36.417 L 22.145 25.501 L 22.145 25.501 L 22.186 25.35 C 22.406 24.602 22.81 23.92 23.363 23.367 C 23.953 22.777 24.69 22.356 25.498 22.148 L 36.416 19.334 L 25.498 16.52 C 24.69 16.312 23.953 15.891 23.363 15.301 C 22.774 14.712 22.353 13.975 22.145 13.167 L 22.145 13.167 L 19.331 2.251 Z M 3.664 32.167 L 3.664 31.334 L 2.831 31.334 C 2.278 31.334 1.831 30.886 1.831 30.334 C 1.831 29.782 2.278 29.334 2.831 29.334 L 3.664 29.334 L 3.664 28.501 C 3.664 27.948 4.112 27.501 4.664 27.501 C 5.216 27.501 5.664 27.948 5.664 28.501 L 5.664 29.334 L 6.497 29.334 C 7.049 29.334 7.497 29.782 7.497 30.334 C 7.497 30.886 7.049 31.334 6.497 31.334 L 5.664 31.334 L 5.664 32.167 C 5.664 32.719 5.216 33.167 4.664 33.167 C 4.112 33.167 3.664 32.719 3.664 32.167 Z M 32.997 10.167 L 32.997 7.5 L 30.331 7.5 C 29.778 7.5 29.331 7.053 29.331 6.5 C 29.331 5.948 29.778 5.5 30.331 5.5 L 32.997 5.5 L 32.997 2.834 C 32.997 2.282 33.445 1.834 33.997 1.834 C 34.549 1.834 34.997 2.282 34.997 2.834 L 34.997 5.5 L 37.664 5.5 C 38.216 5.501 38.664 5.948 38.664 6.5 C 38.664 7.053 38.216 7.5 37.664 7.5 L 34.997 7.5 L 34.997 10.167 C 34.997 10.719 34.549 11.167 33.997 11.167 C 33.445 11.167 32.997 10.719 32.997 10.167 Z" fill="rgb(0, 0, 0)" height="38.667501px" id="EqzZOet7A" transform="translate(1.67 1.666)" width="38.667478px"/></svg>)
Concord’s Agreement Intelligence enables automated extraction of key information with AI. Concord’s AI provider has signed an agreement that requires them to adhere to a zero data retention policy. No customer data is used for AI model training.
Concord stores all content in geographically dispersed, ISO 27001-certified and SSAE 16-audited, data centers throughout the United States and Europe. These data centers include state-of-the-art physical and environmental access controls and safety features.
All data in Concord is encrypted in transit and at rest. We use TLS 1.2 or higher for data in transit, and banking industry standard AES-256 encryption for data at rest.
Concord employees only have access to customer data on a strict need-to-know basis. Customers have granular access management with complex passwords, SSO, and two-factor authentication (2FA).
Concord uses redundant geo-dispersed servers; we can adjust their capabilities in real-time depending on the current load. In addition to data replication, automated full daily backups prevent any data loss. All backups are encrypted.
Concord’s infrastructure provides security and application monitoring and alerts. Concord has a strict incident management policy in place, in case of a critical alert.
Concord performs bi-annual external penetration testing as well as a daily internal scan. Concord follows SDLC principles, and addresses any identified vulnerabilities based on a well-defined vulnerability management policy.
Concord only uses third-party subprocessors after performing careful due diligence. We perform an annual review of all our subprocessors.
Concord uses a PCI Data Security Standard (PCI DSS) Level 1 provider to process payments. PCI Data Security Standard (PCI DSS), to maintain a secure environment.
Concord’s Agreement Intelligence enables automated extraction of key information with AI. Concord’s AI provider has signed an agreement that requires them to adhere to a zero data retention policy. No customer data is used for AI model training.
Concord stores all content in geographically dispersed, ISO 27001-certified and SSAE 16-audited, data centers throughout the United States and Europe. These data centers include state-of-the-art physical and environmental access controls and safety features.
All data in Concord is encrypted in transit and at rest. We use TLS 1.2 or higher for data in transit, and banking industry standard AES-256 encryption for data at rest.
Concord employees only have access to customer data on a strict need-to-know basis. Customers have granular access management with complex passwords, SSO, and two-factor authentication (2FA).
Concord uses redundant geo-dispersed servers; we can adjust their capabilities in real-time depending on the current load. In addition to data replication, automated full daily backups prevent any data loss. All backups are encrypted.
Concord’s infrastructure provides security and application monitoring and alerts. Concord has a strict incident management policy in place, in case of a critical alert.
Concord performs bi-annual external penetration testing as well as a daily internal scan. Concord follows SDLC principles, and addresses any identified vulnerabilities based on a well-defined vulnerability management policy.
Concord only uses third-party subprocessors after performing careful due diligence. We perform an annual review of all our subprocessors.
Concord uses a PCI Data Security Standard (PCI DSS) Level 1 provider to process payments. PCI Data Security Standard (PCI DSS), to maintain a secure environment.
Concord’s Agreement Intelligence enables automated extraction of key information with AI. Concord’s AI provider has signed an agreement that requires them to adhere to a zero data retention policy. No customer data is used for AI model training.
Product Security
Product Security
Product Security
Identity & 2FA
In Concord, administrators can create as many users roles and categories as are required by their organization’s workflow. Admins can grant rights on a feature-by-feature basis, and control the types of documents that each user can view — ensuring that only authorized individuals can access designated contracts, or confidential and sensitive documents, while admins maintain granular control over their data. You can set up SSO and 2FA for your employees.
Identity & 2FA
In Concord, administrators can create as many users roles and categories as are required by their organization’s workflow. Admins can grant rights on a feature-by-feature basis, and control the types of documents that each user can view — ensuring that only authorized individuals can access designated contracts, or confidential and sensitive documents, while admins maintain granular control over their data. You can set up SSO and 2FA for your employees.
Identity & 2FA
In Concord, administrators can create as many users roles and categories as are required by their organization’s workflow. Admins can grant rights on a feature-by-feature basis, and control the types of documents that each user can view — ensuring that only authorized individuals can access designated contracts, or confidential and sensitive documents, while admins maintain granular control over their data. You can set up SSO and 2FA for your employees.
Signature
Concord’s e-signatures comply with eIDAS, UETA and the eSign Act. Our e-signatures are legal in more than 150 countries (and counting), and comply with regulations throughout the world. After you sign a document, you can easily download an e-signature certificate that will be valid forever. See more information here.
Signature
Concord’s e-signatures comply with eIDAS, UETA and the eSign Act. Our e-signatures are legal in more than 150 countries (and counting), and comply with regulations throughout the world. After you sign a document, you can easily download an e-signature certificate that will be valid forever. See more information here.
Signature
Concord’s e-signatures comply with eIDAS, UETA and the eSign Act. Our e-signatures are legal in more than 150 countries (and counting), and comply with regulations throughout the world. After you sign a document, you can easily download an e-signature certificate that will be valid forever. See more information here.
Audit trail
The audit trail logs all of the activity that occurs in a document, including the date, time, and the person who performed each action. It will continue to record actions taken in a document even after it has been signed. This includes invitations, changes to the lifecycle dates, and termination of the document. The audit trail and documents cannot be tampered with. This will be particularly important if you ever have to present court-admissible evidence.
Audit trail
The audit trail logs all of the activity that occurs in a document, including the date, time, and the person who performed each action. It will continue to record actions taken in a document even after it has been signed. This includes invitations, changes to the lifecycle dates, and termination of the document. The audit trail and documents cannot be tampered with. This will be particularly important if you ever have to present court-admissible evidence.
Audit trail
The audit trail logs all of the activity that occurs in a document, including the date, time, and the person who performed each action. It will continue to record actions taken in a document even after it has been signed. This includes invitations, changes to the lifecycle dates, and termination of the document. The audit trail and documents cannot be tampered with. This will be particularly important if you ever have to present court-admissible evidence.
Take the "management" out of contract management.
Join thousands of companies using Concord every day.
01
Upload your contracts
Quickly create a searchable repository of business agreements with bulk import and AI.
02
Let AI do the work
Concord's AI automatically extracts key dates, payment terms, and other core information.
03
Go do something else
Eliminate manual contract work so you can spend your time on the things that matter most.
Take the "management" out of contract management.
Start improving your contract process today — no complexity, no hidden fees.
01
Upload your contracts
Quickly create a searchable repository of business agreements with bulk import and AI.
02
Let AI do the work
Concord's AI automatically extracts key dates, payment terms, and other core information.
03
Go do something else
Eliminate manual contract work so you can spend your time on the things that matter most.
Take the "management" out of contract management.
Start improving your contract process today — no complexity, no hidden fees.
01
Upload your contracts
Quickly create a searchable repository of business agreements with bulk import and AI.
02
Let AI do the work
Concord's AI automatically extracts key dates, payment terms, and other core information.
03
Go do something else
Eliminate manual contract work so you can spend your time on the things that matter most.
Product
Legal
© 2025 Concord. All rights reserved.
Product
Legal
© 2025 Concord. All rights reserved.
Product
Legal
© 2025 Concord. All rights reserved.