Secure and private by default

We take the responsibility of helping you manage your customer data seriously. That’s why security and privacy are key focus areas for our organization and product development.

Forethought’s commitment to data privacy

Adhering to local regulations is only one component of our commitment to privacy. Our higher order mission is to treat you and your customers with the respect you deserve.


Data Processing Agreement
Our Data Processing Agreement (DPA) reflects the requirements of the GDPR, and CCPA


Privacy by Design
We take steps to protect your data and comply with the relevant data protection laws. 


Privacy Policy
Our Privacy Policy honors the GDPR and CCPA


Data Protection Officer
Forethought has appointed a Data Protection Officer to oversee our ongoing compliance efforts.

Internal Security

Data Encryption

Your data is encrypted at rest and protected by TLS in transit. We manage our production secrets with AWS tools.

Rigorous Product Design

Our projects pass thorough security-design reviews, threat models, and regular pen tests using trusted security vendors.

Company Training

All employees are required to complete security and privacy training. In addition, engineers must complete specialized security training.

Compliance Standards

Forethought operates in compliance with key information security standards and regulations. Our services are independently audited and certified to meet compliance standards for security, availability and confidentiality. We are compliant with ISO 27001 and certified for SOC 2.

General Security Questions

If you have general security questions or concerns please email us at security [at]

Email us