GABLE SECURITY

Safeguard Your Workplace with Confidence

We prioritize your company’s data security, protect your employees' and visitors' privacy, and ensure compliance with industry standards—empowering a safe and seamless workplace.
Get a demo

Data security

We prioritize data security by retaining only essential information, securely storing it, and protecting it with industry-standard encryption at all stages.

Privacy & compliance

We safeguard employee and visitor data with SOC 2, CCPA, and GDPR compliance, prioritizing privacy at every step from collection to retention and disclosure

Access Management

Gable streamlines role-based access control, enabling admins to assign granular permissions. It integrates with SSO and HRIS for automated security and user deprovisioning

Protecting Your Data and Privacy


At Gable, we understand the importance of your data’s confidentiality and integrity. We are dedicated to providing you with a secure, reliable service built on robust security practices and a commitment to privacy.



Keeping Your Data Secure

Gable’s secure infrastructure and proactive measures are designed to protect your sensitive information at every stage of its journey.



Our Infrastructure

Data Encryption
All information exchanged between your devices and Gable’s services is transmitted using TLS v1.2 (or higher). Data stored on our cloud infrastructure is encrypted using industry-standard algorithms (such as AES-256) to ensure that your data remains safe both in transit and at rest.

Data Storage
Gable utilizes leading cloud providers to store your information in secure, geographically distributed data centers. Daily backups are performed and maintained on different regions to provide additional assurance against data loss or hardware failure. Physical security and strict access controls are enforced at all data center locations.



Reliability

Uptime Commitment
We strive for a 99.7% uptime, employing advanced monitoring tools and distributed defenses—including protection against denial-of-service (DoS) attacks—to keep our services continuously available.



Third-Party Verification

Vulnerability Testing
Gable conducts regular vulnerability assessments using automated scanning, peer reviews, and penetration tests. All external access is filtered through secure gateways that automatically block suspicious activity.

Certifications
Our security protocols have been audited by independent third parties to ensure they meet industry standards, including Service Organization Controls (SOC 2 Type II).


Protecting Your Privacy

Your privacy is central to everything we do at Gable. We implement strict controls to ensure that personal data is handled responsibly and with respect.

Data Protection

We maintain a strict policy: your data is never sold, and we do not use your visitor or employee information for marketing or unsolicited outreach without your consent. Our support team accesses your account only when necessary to resolve technical issues.

Access Management

Gable simplifies the management of user permissions through role-based access control. Administrators can assign permissions at a granular level to ensure that only authorized personnel have access to data. Integration with all popular SSO providers and HRIS systems further enhances security and allows for automated access control and user deprovisioning.

1Regulatory Compliance

GDPR
Gable is committed to complying with the EU General Data Protection Regulation (GDPR). We have established comprehensive policies and practices to support your own compliance efforts as well as our internal standards for data protection.

Gable Subprocessors

Subprocessor name
Location
Processing Purpose

Amazon (AWS)

410 Terry Avenue North Seattle, WA
98109-5210, United State

Hosting and database storage

Hubspot

2 Canal Park, Cambridge, MA 02141, United State

Marketing and product updates

Sendgrid

1801 California Street, Suite 500, Denver, Colorado 80202, United States

Email generated by the application

Mixpanel

Pier 1, Bay 2, The Embarcadero, San Francisco, CA 94111, United States

Analytics regarding users’ interactions with our Site

LogRocket

87 Summer Street, Suite 301, Boston, MA 02110, United States

Error management and insight into application faults

Sentry

45 Fremont Street, 8th Floor, San Francisco, CA 94105, United States

Realtime error logging and reporting

Intercom

55 2nd Street, 4th Floor, San Francisco, CA 94105, United States

Support chat and notification

Stripe

354 Oyster Point Blvd, South San Francisco, CA 94080, United States

Payment Processing

PagerDuty

600 Townsend Street, Suite 200, San Francisco, CA 94103, United States

Escalation of support tickets and support cases

WorkOS

548 Market St Pmb 86125, San Francisco, CA 94104, United States

Cross-domain identity management

Google Gemini

1600 Amphitheatre Parkway in Mountain View, CA, United States

AI models in support of Gable’s AI powered features

FAQs

Data

How does Gable handle data storage and security?
Gable stores all customer and employee data in a secure, cloud-based environment with robust physical and network safeguards. Our platform employs strict access controls, continuous monitoring, and industry-standard encryption to protect against unauthorized access, ensuring data integrity and confidentiality at all times.
What encryption methods does Gable use for data at rest and in transit?
We use AES-256 encryption to secure data at rest in our databases and storage systems, which is widely recognized as one of the strongest encryption standards available. For data in transit, we enforce TLS 1.2+ protocols to safeguard information traveling between our servers and users, preventing interception or tampering.
What are Gable’s data retention policies, and how do you ensure compliance? How is data securely disposed of when it reaches the end of its retention period?
Gable retains data only as long as necessary to fulfill business and compliance requirements, adhering to regulations like GDPR and CCPA. Once data is no longer required, we use secure deletion and cryptographic wiping processes that permanently remove all traces of information, aligning with industry best practices and legal obligations.
What security standards and compliance checks does Gable require from third-party integrations? How is data shared with third parties protected and handled securely?
We evaluate all third-party vendors against recognized standards like SOC 2, ISO 27001, and PCI-DSS (as applicable), ensuring they meet or exceed our security requirements. Any data shared is transferred via secure, encrypted channels, and we limit access to the minimum necessary while enforcing strict contractual obligations around data handling.
How does Gable support SSO integrations, MFA, and access control policies for data security?
Gable supports SSO through established protocols like SAML and OpenID Connect, enabling seamless user authentication with centralized identity providers. We also provide granular role-based access controls, ensuring that only authorized personnel can access sensitive data and system features.

Privacy

How does Gable ensure compliance with global regulations like GDPR, CCPA, and SOC 2 for employee data protection?
We maintain a rigorous privacy-by-design and security-by-design approach throughout our product lifecycle, implementing measures such as data minimization, audit trails, and strict access controls. Regular internal and external audits help us uphold global regulatory standards, while continuous monitoring ensures ongoing compliance.
How does Gable collect, use, and retain employee data in compliance with privacy laws?
Gable collects only the data necessary for legitimate business purposes, clearly disclosing our practices via privacy notices and DPA agreement. We store this information in encrypted, access-controlled systems and retain it based on applicable legal requirements, securely disposing of it when no longer needed.
How does Gable securely manage visitor information and ensure that access is restricted to authorized admins only?
Visitor information is segregated from other datasets and protected using role-based access controls, which allow only authorized administrators to view records. Additionally, we apply stringent logging and monitoring to detect unauthorized attempts, ensuring visitor data remains confidential and secure.

Other

How does Gable identify, assess, and mitigate platform vulnerabilities and security risks?
We conduct regular vulnerability assessments, penetration tests, and code reviews to identify potential weaknesses. Our dedicated security team employs a risk-based approach to promptly address findings, deploying patches and enhancements as needed to keep the platform resilient against emerging threats.
What is Gable’s uptime commitment, and where can I find uptime statistics?
We strive for high availability with a typical commitment of 99.7% uptime. For more information see here.
How does Gable ensure code quality and security in its development process?
Developers at Gable follow secure coding standards, conduct peer reviews, and utilize automated testing tools during the software development lifecycle. We regularly scan for common vulnerabilities and enforce a rigorous quality assurance process that includes staging environment tests and security checks before deployment.
Does Gable store credit card data?
For payment transactions, Gable partners with Stripe, PCI-compliant third-party payment provider, and does not store credit card information on our own servers. This approach ensures that all sensitive payment data is handled securely in compliance with industry regulations.
What is Gable’s process in the event of a security breach?
Gable has a formal incident response plan that includes immediate containment, thorough investigation, and swift notification to impacted parties and relevant authorities, where required. We conduct root cause analyses to remediate vulnerabilities, communicate transparently with affected users, and implement preventive measures to mitigate future risk.
How does Gable ensure redundancy and backups for immediate recovery?
We maintain redundant server clusters and automated backups stored across geographically separate data centers to guard against localized failures. Continuous replication and routine disaster recovery drills ensure we can quickly restore services or data, minimizing downtime and preserving business continuity in the event of an unexpected disruption.
How does Gable maintain comprehensive and transparent audit logs for security and compliance?
All critical system events, user actions, and access records are captured in detailed audit logs that Gable stores securely and retains for compliance purposes. We apply strict internal controls to these logs, limiting access to authorized security personnel only, and regularly review them for signs of suspicious activity or compliance anomalies.

Connect with a Gable expert today!

Get a DemoGet a Demo
Gable helps you source, book, and manage workspaces for your distributed teams

Questions? Contact us:
[email protected]
Featured locations

Get Started

Book a demo
Become a host
Explore Marketplace
Pricing

Product

On Demand
Office Management
Visitor Management
Event Orchestration

NEWS

Blog
Webinars

Download our app

App Store
Play Store
© 2025 Gable
TermsPrivacy