Trust is the Foundation of our Platform.
We take security, privacy, and ethical practices seriously. Here's how we protect your data and maintain the integrity of our service.
Security
Data Handling
Code of Ethics
Procurement breaks when incentives get weird. SourceSight is built to reduce bias and keep recommendations grounded in evidence, not vendor influence.
No Pay-to-Play
Vendors cannot pay to influence recommendations or rankings. Our insights are based purely on data and your best interest.
Transparent Methodology
We explain how benchmarks are calculated and where data comes from. No black boxes.
Customer-First Recommendations
Our AI is designed to maximize your savings and reduce your risk—not to push any particular vendor.
Conflict Disclosure
If we ever have relationships that could create conflicts, we disclose them clearly.
Compliance
We're committed to meeting the standards your organization requires.
SOC 2 Type II
Our infrastructure is built upon AWS's secure, SOC 2 Type II and ISO 27001 certified cloud environment.
GDPR
We are committed to protecting user privacy and align our data practices with the EU General Data Protection Regulation (GDPR). We do not sell personal data and support data access, correction, and deletion requests. We are actively formalizing our GDPR compliance program, including vendor DPAs, privacy policies, and consumer rights workflows.
CCPA
We are committed to privacy and align our data handling practices with the requirements of the California Consumer Privacy Act (CCPA). We do not sell personal data and provide tools for data access and deletion upon request.