Pingtree logo

Trust Center

Built for secure lead generation and distribution.

Pingtree helps performance marketing teams collect, route, verify, and distribute lead data. This page summarizes the security, privacy, reliability, and compliance practices that support the platform.

View SLAContact support

SOC 2 status

Readiness planned. Audit not yet started.

Planned

99.5%

Monthly uptime target

TLS 1.2+

Encryption in transit

AWS KMS

Sensitive data encryption

SOC 2

Readiness planned

Current

Security program documented

Public SLA, security controls, data protection measures, and operational responsibilities are documented for customer review.

Next

SOC 2 readiness

Pingtree is preparing for SOC 2 readiness work, including control mapping, evidence collection, access reviews, change management, and vendor risk documentation.

Planned

Independent assessment

After readiness work is complete, Pingtree intends to begin the formal audit path with an independent CPA firm.

Controls

Practical safeguards for lead data workflows.

Pingtree is designed for teams that move sensitive lead data between campaigns, buyers, CRMs, and verification partners. Controls focus on access, data handling, system availability, and operational traceability.

Application security

  • JWT-based authentication and role-based access controls
  • Login brute-force protection and request rate limiting
  • Input validation for API, campaign, routing, and webhook workflows
  • Client-specific API tokens for controlled lead access

Infrastructure security

  • AWS ECS/Fargate services with containerized deployment boundaries
  • AWS CloudWatch logging for production service visibility
  • AWS WAF protection for public application surfaces
  • AWS KMS support for sensitive data encryption and decryption workflows

Data protection

  • TLS 1.2 or higher for data in transit
  • MongoDB Atlas used for core platform data storage
  • S3-backed file storage for platform assets and operational artifacts
  • Deletion request workflow documented in the public SLA

Operational resilience

  • Dedicated backend services for API, webhooks, billing, cron, socket, email, and payout workflows
  • Redis-backed caching and rate-limit settings for performance-sensitive paths
  • Application Load Balancer health checks and service monitoring
  • Disaster recovery objectives documented in the public SLA

Platform stack

Cloud infrastructure with service separation.

The backend is organized into dedicated services for API traffic, webhook delivery, billing, scheduled jobs, sockets, email, and payout workflows. This keeps critical lead routing paths separated from supporting operations.

AWS ECS/Fargate
AWS CloudWatch
AWS WAF
AWS KMS
AWS S3
MongoDB Atlas
Redis
Elasticsearch
Node.js / Express
Socket.IO
SendGrid
Stripe

Third parties

Core providers used to operate Pingtree.

Pingtree depends on trusted infrastructure and service providers. Usage can vary by customer workflow and enabled integrations.

ProviderPurpose
Amazon Web ServicesCloud hosting, network, storage, logging, and security services
MongoDB AtlasManaged database hosting and backups
SendGridTransactional email delivery
StripeBilling and payment processing
VZEW / ArrayCredit verification and lead enrichment where configured by customer workflows

Need security details?

Customers can request security questionnaires, platform documentation, and SLA details through support.

support@pingtree.com
Drive Quality Traffic, Maximize Growth, Convert More Customers!
Boost your business with targeted strategies that attract high-quality traffic, enhance conversions, and accelerate growth.
Pingtree
We Drive Real Result, More Traffic, More Leads, more Growth!
Company
Pricing
Documentation
Schedule Demo
Contact Us
Resources
ProductHelp CenterTrust Center
Getting Started
Using Copilot
Tracking Docs
2026 Pingtree LLC
Contact Support