Please Try a Different Browser

You are using an outdated browser that is not compatible with our website content. For an optimal viewing experience, please upgrade to Microsoft Edge or view our site on a different browser.

If you choose to continue using this browser, content and functionality will be limited.

Blurred business office shopping mall

Tungsten Automation Trust

Security, compliance, and privacy information you can count on


Tungsten Automation, formerly Kofax, takes building and maintaining the trust of our customers seriously. Tungsten Automation provides robust security, compliance, and privacy programs that carefully consider data protection matters across our suite of products. The Tungsten Automation Trust site ensures you have the latest security, compliance, and privacy information at your fingertips.

Close up of handshake in the office

Highlights of Tungsten Automation’s Security Approach

We’ve designed our cloud services to protect your data and ensure it’s secure at all times.

Data Security

Industry standard physical and technical measures to protect you and your data

Product Testing

Robust data and privacy compliance testing and threat and vulnerability management programs

Risk Management

24/7/365 network security monitoring procedures to keep you running

Organization & Management

Dedicated teams of SMEs across privacy, information security, and compliance

Audits & Attestations

Significant investment in maintaining globally recognized certifications and attestations


Proactive incident response management and communications on security incidents


Certifications, Standards, and Regulations

Tungsten Automation maintains a comprehensive set of compliance certifications and attestations that demonstrate our commitment to protecting customer data and following regulatory and industry standards. Certifications may vary by product; please contact your Sales Manager for more information.

Click here to view our Information Security Policy which applies for “Cloud Services” and “Public facing SaaS solutions."


SOC 2 Type 1 and Type 2

Tungsten Automation has invested significant resources to become a SOC 2 certified organization, which means that Tungsten Automation complies with the reporting requirements stipulated by the American Institute of Certified Public Accountants (AICPA). We undergo yearly audits across all aspects of our production operations, including our datacenters, and have sustained and surpassed all requirements.

Learn More


Tungsten Automation is proud to have achieved a SOC 3 attestation, which means that Tungsten Automation complies with the reporting requirements stipulated by the American Institute of Certified Public Accountants (AICPA). The SOC 3 report is a publicly available, executive summary of our SOC 2 report and covers the Security, Availability, and Confidentiality Trust Services Principles.

Request SOC 3 Report (for Customers and Partners)
ISO IEC 27001

ISO/IEC 27001

Tungsten Automation is certified in ISO/IEC 27001, a widely known standard for information security management system (ISMS) and their requirements. It enables organizations to manage the security of assets such as financial information, intellectual property, employee details or information entrusted by third parties.

Download Certificate


The Payment Card Industry Data Security Standards (PCI DSS) is a proprietary information security standard designed to ensure that companies processing, storing or transmitting payment card information maintain a secure environment. A third-party PCI Qualified Security Assessor (QSA) assesses Tungsten Automation systems and processes on an annual basis and issues an Attestation of Compliance.

Learn More


Peppol is a set of artifacts and technical specifications that enable eProcurement solutions and eBusiness exchange services to be interoperable between disparate systems across Europe. Tungsten Automation adheres to the Peppol standard.

Learn More


The General Data Protection Regulation (GDPR) is a comprehensive data protection law that regulates the use of personal data of EU residents and provides individuals rights to exercise control over their data. Tungsten Automation is compliant with GDPR.

Learn More


The California Consumer Privacy Act of 2018 (CCPA) gives consumers more control over the personal information that businesses collect about them. Tungsten Automation is compliant with CCPA.

Learn More


The United States Health Insurance Portability and Accountability Act of 1996 (HIPAA) regulates the security and privacy of Protected Health Information (PHI) held by covered entities and gives patients an array of rights with respect to that information. Tungsten Automation is compliant with the HIPAA security requirements.

Learn More
FSQS Registered

Hellios Certified Accredited Supplier

The rigorous Hellios certification process tests suppliers' capabilities on multiple fronts to ensure they adhere to the highest standards in quality, compliance, sustainability, and risk management. By achieving this accreditation, Tungsten Automation showcases its dedication to surpassing these requirements, enabling customers to make informed choices when selecting a trusted vendor.

Download Certificate

Protecting Our Customer's Data Privacy

Protecting our customers’ data privacy is a top priority. We are committed to evaluating and updating our privacy policies and practices, and ensuring our continued compliance with GDPR, CCPA, and HIPAA.

Read our online privacy notice

System Status

Stay In the Know on Tungsten Automation Systems

The Tungsten Automation System Status site provides real-time information on service availability, performance, and scheduled maintenance events for our cloud products.

Visit the Tungsten Automation Status Page

Our Commitment to Ethical Behavior and Legal Compliance

Anonymous submission of ethics-related inquiries or suspected violations may be submitted confidentially via the Tungsten Automation Corporate Compliance Whistleblower Website, a completely external service.

Learn More

2024 Tungsten Automation Impact Report

This document contains disclosure of environmental, social and governance (ESG) information relevant to Tungsten Automation. The disclosures in this report illustrate how Tungsten Automation activities align with the Sustainable Development Goals (SDGs), which comprise the key objectives of the United Nations 2030 Agenda for Sustainable Development.

Learn More

Environmental, Social and Governance (ESG) Statement 

Tungsten Automation’s commitment to sustainability and today’s environmental and societal challenges is an important responsibility.