How can we help you?

Security & compliance at Cinapse

How Cinapse protects your data: SOC 2-aligned security, encryption, US hosting, access controls and SSO, and how to request security/compliance documentation.

At Cinapse, your security and privacy are our top priorities. We're committed to protecting the personal and production data you entrust to us, with the highest standards of confidentiality across every project. This page summarizes how we protect your data, and how studios and IT teams can request more detail.

Cinapse was acquired by Wrapbook in 2025 (Variety).

Organizational commitment

Security is a core organizational and business priority at Cinapse, and our founding team has a background in cryptography. Our Information Security Program adheres to the rigorous standards outlined by the SOC 2 Framework, a widely recognized industry standard for information security auditing.

Regular audits and assessments

We undergo frequent independent third-party audits, security assessments, penetration tests, and vulnerability scans to uphold the security posture of our services.

Documentation available on request

For security and compliance reviews, we can provide a penetration-test summary and a VPAT (accessibility) summary. Email security@cinapse.io to request them.

Identity and access management

We follow the principle of least privilege, so Cinapse employees can access only the data and systems essential to their roles, enforced with two-factor authentication (2FA) and Single Sign-On.

You can sign in to Cinapse with Google or Apple SSO, with an email and password, or (for studios) by logging in with your work account (SSO administered at the studio level).

Security of production data

Your production data is hosted on reputable platforms (Amazon Web Services (AWS), Cloudflare, and Render), each with robust security programs and certifications. All data is hosted on AWS and Render in the United States, with databases encrypted at rest and applications encrypting data in transit using TLS/SSL. We actively monitor and log our cloud services.

Employee training and compliance

All employees complete regular Security Awareness Training, sign an industry-standard confidentiality agreement before starting, and undergo background checks in compliance with applicable local, state, and federal laws.

Business continuity and disaster recovery

We maintain a Business Continuity and Disaster Recovery plan to minimize the risk of data loss, including provider backup services and monitoring to promptly address potential failures.

Vendor accountability

We hold vendors accountable for the security and privacy of your data, with annual risk assessments and comprehensive reviews before authorizing new vendors (and annual re-evaluation for high-risk vendors).

Questions or a security review?

Email our security team at security@cinapse.io for security, privacy, or compliance requests. For general help, contact support@cinapse.io.

Did this answer your question?
😞
😐
🤩