Spotnana powers Expensify’s new travel offering
Learn more

Security and Trust

Spotnana goes to great lengths to ensure that customer data remains safe and secure. When using our Travel-as-a-Service Platform, your data benefits from multiple layers of security and governance technologies, operational practices, and compliance policies enforced by Spotnana.

Spotnana sheild logo with airplane icon flying around for security and trust

Our commitments

Security is core to our mission at Spotnana. To find out more information, download our Security White Paper.

  • red key lock icon with password protection and verification symbol for security and trust

    Spotnana’s Security team conducts regular reviews of application design, architecture and features related to the security of the platform, along with a series of automated security vulnerability scans (static code analysis, container scanning, etc.). Third-party pentesting is also conducted at least annually. All vulnerabilities identified are managed under a well-established SLA for remediation.

  • icon of computer monitor with eye on screen for security and trust

    Spotnana takes privacy seriously. All Spotnana employees undergo training in data privacy and security, and we have a team dedicated to the management of these issues.

  • icon of ISO, PCI-DSS Compliance, and AICPA SOC for security and trust

    In line with the requirements of ISO 27001:2013, Spotnana has implemented an ISMS system and obtained ISO 27001:2013 certification. Spotnana also complies with trust services security criteria under AICPA and has obtained an independent auditor report for SOC2 Type 2 compliance.