SECURITY & privacy

Safe and secure,
every step of the way

Contact us
People under umbrellas
Compliance and certifications

Secure by design

Admin paperwork
Cloud security
The Carrot application is hosted on Microsoft Azure, a top-tier cloud provider that undergoes extensive audits in technical and physical security.
Networked planet
Secure software development
Carrot adheres to a rigorous and secure Software Development Lifecycle (SDLC) to ensure only safe and stable updates are shipped to our application.
Care Nav expert team
Penetration testing
Carrot undergoes annual penetration testing from a third-party auditor and continuously scans our application and system for vulnerabilities.
A computer and a mobile phone
All data is encrypted in transit (TLS 1.2) and at rest (AES-256).
Carrot card
Access controls
Carrot systems are designed to abide by the principals of Deny by Default, Least Privilege, Need-To-Know, and Unique Identification.
Carrot card
Single sign-on (SSO)
Employers have the option to connect their SAML identity provider (e.g., Okta, G Suite, OneLogin) for seamless and secure authentication.
Carrot card
Anti-money laundering program
Carrot maintains a rigorous anti-money laundering (AML) program designed to prevent our platform from being used as a vehicle for money laundering.

Frequently asked questions

How does Carrot ensure data privacy for employees?
Carrot strictly adheres to regulatory frameworks including HIPAA, GDPR, and CCPA to ensure data privacy for our members.
What data does
Carrot collect from employees?
Data collected from employees is limited to the data necessary to provide our service.
What does Carrot do with data it collects?
Carrot uses collected data to conduct necessary business and optimize the experience of our members.
Does Carrot share data with third parties?
Carrot shares data with third parties only to the extent necessary to conduct our business. Carrot does not share employee data with employers, except when limited, de-identified data must be shared to process taxes and payroll. Carrot does not sell or rent employee data to outside parties.
Read our Privacy Notice

See how Carrot can transform your company

Find out how our customizable fertility solutions can help your plan, your groups, and your members.
Contact us