We try to meet rigorous standards for transparency, security and privacy internally (here’s an overview of our security practices so would be nice to also have some type of external security certification (SOC2 or similar) too.