// Trust & Security Report

    Peaberry Software Inc. logo

    Peaberry Software Inc.

    Customer engagement platform with automation, data activation, and AI-powered messaging across email, SMS, WhatsApp, push, and in-app channels. Includes Data Warehouse, Design Studio, Journey Builder, AI Agent, and Analytics.

    Certifications held

    5

    Maturity

    Enterprise

    Trains on your data

    No

    Trust center

    Yes

    // Certification ledger

    Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.

    SOC 2 Type II
    HELD

    SOC 2 Type II certified. Successfully completed examination for Security and Availability

    Verify on docs.customer.io
    ISO 27001
    HELD

    Certified as of September 24, 2024. Expiration: September 24, 2027. Certificate number and issuer: Aprio, LLP. Scope: Information Security Management System (ISMS) of Customer.io's Marketing Automation Platform and Content Creation Tool

    Verify on docs.customer.io
    GDPR
    HELD

    GDPR compliant. Acts as a Processor. Secures data storage and transfer. Data in North America data center remains there unless sent to external service. Supports right to be forgotten and data suppression

    Verify on docs.customer.io
    HIPAA
    HELD

    HIPAA compliant and HIPAA-ready. Business Associate Agreement (BAA) available for premium customers. Supports HIPAA-eligible SMS

    Verify on docs.customer.io
    CCPA
    HELD

    CCPA compliant. Supports U.S. state data privacy laws compliance

    Verify on customer.io
    > Show 1 unconfirmed / not-held certifications
    PCI DSS
    NOT CONFIRMED

    Credit card data handled by Stripe (PCI Service Provider Level 1 certified), not Customer.io directly. Customer.io does not process credit cards

    source: customer.io

    // Privacy & AI training

    Trains on customer data

    No

    Data processing agreement

    Offered

    Data region

    North America (default). EU data center option available

    Customer.io does NOT train on customer data. Third-party AI providers are contractually prohibited from using inputs/outputs to train foundation models. Only attribute names and event descriptions (not values) are used with AI

    // Security controls

    Encryption in Transit

    TLS 1.2+ (HTTPS)

    customer.io

    Encryption at Rest

    Cloud KMS (Google Cloud Key Management Service)

    customer.io

    Authentication

    Password hashing, 2FA, SSO available

    customer.io

    Access Control

    Role-based permissions enforced

    customer.io

    Data Processing Agreement

    Standard Contractual Clauses (SCCs) incorporated. DPA available

    customer.io

    // Products & data scope

    Email MarketingCommunication

    data: Customer engagement data, behavioral triggers

    Core offering with journey automation

    SMS MarketingCommunication

    data: Customer engagement data, behavioral triggers

    HIPAA-eligible SMS available

    WhatsApp MarketingCommunication

    data: Customer engagement data, behavioral triggers

    Omnichannel messaging

    Push NotificationsCommunication

    data: Customer engagement data, behavioral triggers

    In-app and mobile push

    In-App MessagingCommunication

    data: Customer engagement data, behavioral triggers

    Real-time messaging

    Data WarehouseData

    data: Customer data ingestion and storage

    Data activation and integration hub

    AI AgentAI

    data: Campaign metadata, customer behavior insights

    Conversational campaign builder. Does not train on customer data

    Journey BuilderAutomation

    data: Customer segmentation and behavioral triggers

    Visual workflow automation

    AnalyticsAnalytics

    data: Campaign performance and engagement metrics

    Real-time reporting and insights

    Design StudioMessaging

    data: Campaign content and templates

    No-code message design

    // At a glance

    Pricing model

    Subscription-based (engagement volume and features). 14-day free trial available

    Self-hostable

    No

    // How we verified this

    Every certification marked HELD is confirmed against a verbatim quote on Peaberry Software Inc.'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.

    Last verified 2026-07-06. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.

    customer.io

    > Browse all vendor trust reports