The Problem
Infactory, which helps companies license their video archives for use on AI platforms, faced a number of contractual requirements due to the sensitive nature of its business: exposing pre-produced, branded content to new AI tools. Specifically, the company needed to demonstrate enterprise-level security and full data control to prospective and current customers when it contacted Koop in 2025.
The Solution
Koop designed a compliance bundle that would help Infactory prove enterprise-level security to its customers: SOC 2 Type I combined with ISO 27001 and GDPR. By leveraging Koop’s compliance automation platform and white-glove implementation services, Infactory started its certifications in days instead of the weeks a legacy vendor would take. Koop helped Infactory save crucial time through its understanding of where and how Infactory’s certifications overlapped with each other.
Looking Forward
Having achieved its SOC 2 Type I certification, Infactory is well on its way to completing ISO 27001 and GDPR. Its compliance bundle ensures Infactory is not only poised to scale in the United States but also abroad, where ISO 27001 and GDPR compliance are critical for companies that handle personal data and video.
Why Koop
Koop’s extensive compliance experience combined with its automated GRC platform made it the ideal partner to identify gaps in Infactory’s posture and fill them in the most timely, cost-effective way possible. This, in turn, made it possible for Infactory to increase its growth, without facing new, burdensome compliance hurdles.
