Certifications and Security Standards

Learn more about Certifications and Security standards of Rillion’s different Accounts Payable Solutions.

SOC 1

A SOC 1 Report (System and Organization Controls Report) is a report on controls at a service organization which are relevant to user entities’ internal control over financial reporting. The service organization (with the assistance of the auditors) determines what the key control objectives are for the services they provide to their clients. Control objectives are related to both information technology processes and business processes at the service organization.

Organization Examined:

Rillion Inc – Service Rillion Prime US

SOC 2

A SOC 2 report also falls under the SSAE 18 standard, though it is specifically addressed in sections AT-C 105 and AT-C 205. The SOC 2 report includes a service organization’s controls that are outlined by the AICPA’s Trust Services Criteria (TSC) that are relevant to its services, operations, and compliance. There are five available criteria that include security, availability, processing integrity, confidentiality, and privacy.

Service Organizations Examined:

Rillion Inc – Service Rillion Prime US
Rillion AB – Service Rillion Prime EMEA

HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for sensitive patient data protection. Companies that deal with protected health information (PHI) must have physical, network, and process security measures in place and follow them to ensure HIPAA Compliance.

Covered entities (anyone providing treatment, payment, and operations in healthcare) and business associates (anyone who has access to patient information and provides support in treatment, payment, or operations) must meet HIPAA Compliance. Other entities, such as subcontractors and any other related business associates must also be in compliance.

GDPR

GDPR is a set of rules that protect individuals’ privacy. The legislation regulates the processing of EU residents’ and citizens’ personal data, including collection, use, transfer, monitoring, tracking, and even viewing of personal data. It went into effect on May 25, 2018. Data subjects, as individuals are called in GDPR, have more rights to control their data. All Rillion entities comply to GDPR.

CCPA

The California Consumer Privacy Act of 2018 (CCPA) gives consumers more control over the personal information that businesses collect about them. This law secures privacy rights for California consumers. All Rillion entities comply to CCPA.

Interesting Readings

See all articles

Back to Trust Center Start page

AP Automation for your
peace of mind- we got this.

Schedule a Consultation

Contact us

North American HQ

Rillion Inc.
330 North Wabash Avenue, 23rd Floor
Chicago, IL 60611
Contact us

Swedish HQ

Rillion AB
Box 7025
103 86 Stockholm

Find local Rillion office

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

Name	Provider	Purpose	Expiration
_GRECAPTCHA	www.google.com	This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.	5 months 27 days
nitroCachedPage	www.rillion.com	This cookie is set by the NitroPack cache plugin to provide load-balancing functionality.	session
wp-wpml_current_language	www.rillion.com	This cookie is set by the WPML plugin to store the current language.	session

3rd Party Cookies

These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. Read more about Google Privacy and Terms. They do not store directly personal information but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising. Act-On Beacon Tracking collects behavioral data on the website and form fills.

Name	Provider	Purpose	Expiration
CONSENT	.youtube.com	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.	2 years
_gcl_au	.rillion.com	Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services.	3 months
_ga	.rillion.com	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.	2 years
_gid	.rillion.com	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.	1 day
_gat_UA-227155837-1	.rillion.com	A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.	1 minute
_ga_XZPJW5Z9YM	.rillion.com	This cookie is installed by Google Analytics.	2 years
_ga_D7QJ3XWQ0N	.rillion.com	This cookie is installed by Google Analytics.	2 years
_gaexp	.rillion.com	Google Analytics installs this cookie to determine a user's inclusion in an experiment and the expiry of experiments a user has been included in.	2 months 7 days 13 hours 22 minutes
_hjFirstSeen	.rillion.com	Hotjar sets this cookie to identify a new user’s first session. It stores a true/false value, indicating whether it was the first time Hotjar saw this user.	30 minutes
_hjIncludedInSessionSample	www.rillion.com	Hotjar sets this cookie to know whether a user is included in the data sampling defined by the site's daily session limit.	2 minutes
_hjIncludedInPageviewSample	www.rillion.com	Hotjar sets this cookie to know whether a user is included in the data sampling defined by the site's pageview limit.	2 minutes
_hjAbsoluteSessionInProgress	.rillion.com	Hotjar sets this cookie to detect the first pageview session of a user. This is a True/False flag set by the cookie.	30 minutes
_uetsid	.rillion.com	Bing Ads sets this cookie to engage with a user that has previously visited the website.	1 day
_uetvid	.rillion.com	Bing Ads sets this cookie to engage with a user that has previously visited the website.	1 year 24 days
AnalyticsSyncHistory	.linkedin.com	Linkedin set this cookie to store information about the time a sync took place with the lms_analytics cookie.	1 month
UserMatchHistory	.linkedin.com	LinkedIn sets this cookie for LinkedIn Ads ID syncing.	1 month
lang	.ads.linkedin.com	LinkedIn sets this cookie to remember a user's language setting.	session
bcookie	.linkedin.com	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.	1 year
lidc	.linkedin.com	LinkedIn sets the lidc cookie to facilitate data center selection.	1 day
bscookie	.www.linkedin.com	LinkedIn sets this cookie to store performed actions on the website.	1 year
li_gc	.linkedin.com	Linkedin set this cookie for storing visitor's consent regarding using cookies for non-essential purposes.	5 months 27 days

Additional Cookies

This website uses the following additional cookies.

Name	Provider	Purpose	Expiration
_fbp	.rillion.com	This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.	3 months
YSC	.youtube.com	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.	session
VISITOR_INFO1_LIVE	.youtube.com	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.	5 months 27 days
yt-remote-device-id	youtube.com	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.	never
yt-remote-connected-devices	youtube.com	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.	never
yt.innertube::requests	youtube.com	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.	never
yt.innertube::nextId	youtube.com	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.	never
test_cookie	.doubleclick.net	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.	15 minutes
MUID	.bing.com	Bing sets this cookie to recognize unique web browsers visiting Microsoft sites. This cookie is used for advertising, site analytics, and other operations.	1 year 24 days
fr	.facebook.com	Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin.	3 months
wp23786	.rillion.com	The Beacon Tracker works by placing a cookie on a user's browser. The cookie identifies and stores all behaviors that the user takes on your website, Act-On landing pages, and forms, and anywhere else you have placed your tracking beacon code.	1 year
ln_or	.www.rillion.com	No description	1 day
_hjSessionUser_*	.rillion.com	To store a unique user ID.	1 year
_hjSession_*	.rillion.com	To provide functions across pages.	30 minutes
_rdt_uuid	.leadoo.com	This cookie is set by Leadoo to help to optimize the website and improve the user experience. The main purpose of this cookie is: Targeting/Advertising.	3 months
_gid	.leadoo.com	This cookie is set by Leadoo ro register a unique ID that is used to generate statistical data on how the visitor uses the website.	1 day
__hssrc	.leadoo.com	This is the main cookie for tracking visitors	session
_fbp	.leadoo.com	Used to deliver a series of advertisement products such as real time bidding from third party advertisers	3 months
_gcl_au	.leadoo.com	Used by Google AdSense for experimenting with advertisement efficiency across web sites using their services	3 months
_lfa	.leadoo.com	Used to store and track audience reach.	1 year 1 month 6 days
__hstc	.leadoo.com	This is the main cookie for tracking visitors.	6 month
hubspotutk	.leadoo.com	This cookie is used to keep track of a visitor's identity.	6 month
_ga	.leadoo.com	Google Analytics uses a set of cookies to collect information and report site usage statistics without personally identifying individual visitors to Google.	1 year 1 month 6 days
_ga_*	.leadoo.com	Google Analytics identifies unique users across GA sessions through client ID.	1 year 1 month 6 days

Certifications and Security Standards

SOC 1

SOC 2

HIPAA

Interesting Readings

Solutions

Customers

The company

Contact us