Lattice

lattice.com · facts updated 1 week ago

Privacy facts at a glance

Jurisdictions: US · EU · AR
Subprocessors: 27
Retention: Lattice states it does not keep Personal Information after it is no longer needed, but no specific retention period in days is stated.
Breach notification: The DPA references Security Incident notification obligations but does not state a specific number of hours for breach notification.
Transfer mechanism: Standard Contractual Clauses (Module 2) and UK Addendum (International Data Transfer Addendum B1.0)
SCC modules: Module 2
DPA available: Yes
Certifications: SOC 2 · GDPR · CCPA
GDPR addressed: Yes
CCPA addressed: Yes

Named subprocessors

10Pines Atlassian Amazon Web Services Courier Cloudflare, Inc. Datadog Fivetran Gong Google Cloud Products Intercom Mailgun Material Security, Inc.

Tracked documents

https://lattice.com/trust/privacy-policy checked 5 hours ago

https://lattice.com/trust/terms-of-service checked 5 hours ago

Data processing agreement

Subprocessor list

https://lattice.com/trust/subprocessors checked 4 hours ago

Security / trust page

https://trustcenter.lattice.com/ checked 7 hours ago

Subprocessor list 1 week ago

Document updated.

Subprocessor list 2 weeks ago

Document updated.

Subprocessor list 2 weeks ago

Document updated.

Public summary; per-account review history visible to subscribers tracking this vendor.

Get notified when Lattice adds a subprocessor, changes retention, updates their DPA, or quietly amends their privacy posture.

No card required.