Glossary of Compliance

Our curated compliance glossary offers everything you need to know about compliance in one place.

Privacy

Privacy is one of the five trust service criteria of SOC 2. It covers the information an entity collects, uses, retains, discloses, and disposes of to meet its objectives.

The privacy principle aims to ensure that service organizations that handle sensitive personal information do so in a responsible and trustworthy manner. They should have appropriate controls in place to protect the privacy of individuals. This principle guides organizations to handle privacy based on the following:

– Notice and communication of objectives

– Choice and consent

– Collection

– Use, retention, and disposal

– Access

– Disclosure and notification

– Quality

– Monitoring and enforcement
