Trading firms & funds
Quant funds, prop shops, and execution venues that need predictable rate, deterministic timestamps, and an SLA their compliance team will sign off on.
Enterprise · Procurement-ready, day one
Built for procurement, legal, and security.
The same canonical data and APIs the rest of SiftingIO ships, with contracts your legal team will sign, security posture your CISO will approve, and commercial terms your finance team already understands.
99.95% SLA + creditsSSO · SCIM · audit logsMSA · DPA · NDA · custom paperNet-30/60 · POs · wire
Who Enterprise is for
Four shops we sign with most often.
Enterprise isn't a feature toggle. It's the contract, support, and security tier that lets these teams ship without re-litigating procurement every quarter.
Fintechs & payment platforms
Wallets, neobanks, and payment platforms embedding live FX and crypto across millions of end users, with display-use rights and procurement-grade contracts.
Enterprise platforms
Internal data lakes, feature stores, and analytics platforms consolidating crypto, forex, US stocks, and DEX under a single MSA and one bearer token.
Regulated & licensed entities
Broker-dealers, asset managers, and regulated entities that need DPAs, audit cooperation, and traceability on every read.
What Enterprise unlocks
Scale, reliability, security, and commercial terms.
Same data, broader scope. Each block below is what self-serve plans don't ship, and what your security and legal teams typically need before signing off on a vendor.
Scale across products
Custom rate limits and WebSocket subscription counts that span every product, not per-product caps that fragment your stack.
- Custom REST throughput beyond 6,000 req/min
- WebSocket subscriptions in the tens of thousands
- Burst headroom and overage thresholds in contract
- Optional dedicated single-tenant cluster
Reliability that survives audits
Tighter SLA, automatic service credits, and an incident workflow your on-call rotation can plug into.
- 99.95% monthly uptime SLA
- Service credits up to 25% of monthly fees
- Multi-region routing with explicit regions in contract
- Status-page webhooks for incident automation
Security to clear procurement
Identity, access, and audit primitives that let your security team approve us once and not re-review every quarter.
- SSO + SAML 2.0, SCIM provisioning
- RBAC with scoped, environment-bound API keys
- Custom IP allowlists and egress controls
- Exportable audit logs for every credential
Commercial terms that fit your shop
Contracts and payment workflows your legal and finance teams already understand. No custom clickwrap.
- Custom MSA, DPA, NDA, and security addenda
- Net-30 / Net-60 invoicing, POs, wire / SEPA / ACH
- Annual commitments with volume discounts
- Vendor-onboarding & questionnaire support (SIG, CAIQ)
Contracts
Paper your legal team already knows.
Standard contracts ready immediately, custom paper redlined within reason, and clauses that conflict with our upstream licenses flagged transparently.
Master Service Agreement (MSA)
Our standard MSA covers term, fees, IP ownership, confidentiality, warranties, and indemnification. Both your paper and ours accepted; we redline either.
Available now · Default for Enterprise
Data Processing Agreement (DPA)
GDPR / UK-GDPR-compatible DPA covering processor obligations, sub-processors, transfer mechanisms (SCCs), and data-subject rights, for the limited PII present in account and audit metadata.
Available now · Signed under SaltingIO LLC
Statement of Work (SOW)
Per-engagement SOWs for custom scope: dedicated clusters, private feeds, custom backfill, integration consulting, or non-standard data handling.
On request
Mutual NDA
Stand-alone or appended to the MSA. Standard term, standard exceptions, mutual obligations.
Available now
Security addendum
Documented security posture: encryption, key management, access controls, incident response, vulnerability handling, and breach-notification obligations.
Available now
Custom redlines & paper
If your legal team has a preferred form, send it. We redline within reason and flag clauses that conflict with our upstream data licenses.
Negotiated case by case
Need our standard MSA, DPA, or security addendum to share with your legal team before a kickoff call? We’ll send them under NDA.
Request contract packLicensing & rights
What you can and can't do with the data.
The license scope is set in your contract. Below is the default for self-serve and Enterprise plans. Tune any cell during contracting if your workload needs more.
| Use case | Internal | Display to end users | Redistribution |
|---|---|---|---|
| Internal analytics / research | Included on every paid plan | - | Not permitted |
| Display in your product (end users) | - | Permitted on Pro and Enterprise | Not permitted |
| Derivative analytics / signals | Permitted (own analytics) | Permitted to your end users | Not permitted as raw data |
| B2B redistribution / sublicensing | - | - | Enterprise + redistribution addendum |
| Storage of retrieved data | Permitted within your contracted retention | Permitted | Subject to redistribution clause |
Derivative works are yours
Analytics, signals, factors, and dashboards you build from SiftingIO data are yours to use, sell, and display to your end users. The line is reproducing the underlying canonical data itself as a raw feed for third parties. That’s where a redistribution addendum kicks in.
Upstream rights are real
Underlying market data is subject to the IP rights of originating exchanges, liquidity providers, and index sponsors. Our license to you sub-licenses what we’re permitted to pass through. Anything outside that scope (e.g. raw venue redistribution) needs an addendum so we can true up upstream.
Full disclosures, methodology, and licensing language live on the disclosures page. The contract itself takes precedence over any summary on this page.
Security & compliance
Posture that survives a security review.
What's live today, what's underway, and what's on the roadmap. Pre-filled questionnaires (SIG, CAIQ, custom) available under NDA.
- Live
Encryption in transit
TLS 1.3 minimum on every endpoint; modern cipher suites only; HSTS preload-eligible.
- Live
Encryption at rest
AES-256 at rest for credentials, audit logs, and tenant metadata. KMS-managed keys, rotatable without downtime.
- Live
Tenant isolation
Per-tenant credential, key, and rate-limit isolation. Optional dedicated single-tenant cluster on Enterprise.
- Live
Identity & access
SSO / SAML 2.0 with major IdPs (Okta, Azure AD, Google Workspace, custom SAML). SCIM provisioning. RBAC.
- Live
Audit logs
Exportable per-credential read logs and admin-action logs. Stream to your SIEM via webhook on Enterprise.
- Live
Multi-region routing
Live in multiple AWS regions with deterministic failover; specific regions and primary/secondary listed in contract.
- In progress
SOC 2 Type II
Type II audit underway with a Big-4 auditor. Letter of engagement available under NDA.
- Roadmap
ISO 27001
On the 2026 / 2027 roadmap. Available evidence and questionnaire responses provided in the meantime.
Procurement support
Built to clear vendor onboarding.
The unglamorous-but-load-bearing work of getting onto your approved-vendor list, in writing, with the right counterparty.
Vendor onboarding
We complete your vendor-management questionnaire, provide W-9 / W-8BEN-E, insurance certificates (cyber + E&O), and supplier-diversity disclosures where applicable.
Security questionnaires
Pre-filled SIG, CAIQ, and CIS / NIST mappings available under NDA. Custom questionnaires turned around within 5 business days.
Payment methods
Card and ACH self-serve; Enterprise also accepts wire, SEPA, and SWIFT transfer. Net-30 / Net-60 invoicing on annual contracts.
Purchase orders & invoicing
POs accepted as the payment instrument. Custom invoice line items, your finance contact on file, and consolidated billing across your subsidiaries.
Annual commitments
Annual term with volume tiers, true-up at year-end (no surprise overage bills), and price protection for the contract length.
Multi-entity contracting
Single master with affiliate addenda for groups operating across subsidiaries. Centralized billing, decentralized usage reporting.
SLA & service credits
99.95%, and credits if we miss.
Service credits are issued automatically on Enterprise. No tickets to file, no proof of damage required. The breach is the trigger.
Default Enterprise SLA99.95%
Higher tiers availableOn request
Technical response4h
Critical-incident response24/7
| Monthly uptime | Credit |
|---|---|
| < 99.95% but ≥ 99.9% | 5% of monthly fees |
| < 99.9% but ≥ 99.5% | 10% of monthly fees |
| < 99.5% | 25% of monthly fees |
Onboarding
The first 30 days, mapped.
Most Enterprise customers are in production within 30 days. Here's what that looks like.
- Day 0
Kickoff call with your account manager
30-minute call to align on use cases, products, environments, expected volume, and milestones. Slack / Teams channel created.
- Day 1–7
Architecture review & key provisioning
Live walkthrough of your integration plan with our engineering team. Production and staging keys issued; SSO configured against your IdP.
- Day 7–21
Live integration assistance
Pair-programming-grade support over the shared channel. Reference clients, sample notebooks, and direct help with any non-trivial code path.
- Day 21–30
Production cut-over
Coordinated go-live: traffic ramp, monitoring tuned to your alerting, on-call escalation paths confirmed, and a backup rollback plan in place.
- Day 30
Post-go-live retrospective
Joint review of the first month: usage, incidents, open items, roadmap requests, and success metrics for the next quarter.
FAQ
Enterprise FAQ.
What's actually different on Enterprise vs Pro?
The data is identical: same canonical feeds, same JSON schema, same freshness. Enterprise adds custom rate limits across products, a 99.95% SLA with service credits, SSO / SAML / SCIM, custom IP allowlists, dedicated account management with a 4-hour technical SLA, custom contracts (MSA / DPA / SOW / NDA), beyond-bundle volume discounts, and procurement workflows like POs and net-30 / net-60 invoicing.
What contracts do you sign?
Standard MSA, DPA, mutual NDA, security addendum, and per-engagement SOWs are available immediately. We accept your paper and redline within reason; clauses that conflict with our upstream data licenses are flagged transparently with proposed alternatives. Send your preferred form to legal@sifting.io.
Can we redistribute the data inside our products?
Display use inside your end-user product is permitted on Pro and Enterprise plans. Redistribution as raw feeds, B2B sublicensing, and high-volume display use require an Enterprise contract with a redistribution addendum, since they affect our obligations to upstream data sources. We're happy to scope what's needed during contracting.
Who owns the data we receive, and who owns derivative works?
The underlying market data is licensed to you for the scope defined in your contract; we sub-license rights from upstream sources within that scope. Derivative analytics and signals you create from the data are yours to use and display to your users; what you cannot do is republish the underlying canonical data as raw feeds without a redistribution addendum.
Do you have SOC 2, ISO 27001, or PCI?
SOC 2 Type II is in progress with a Big-4 auditor; the letter of engagement is available under NDA, and Type I evidence is shareable on request. ISO 27001 is on the 2026 / 2027 roadmap. We do not currently process card data ourselves (Stripe handles PCI-DSS), so PCI does not apply to SiftingIO directly.
How is Enterprise priced?
Enterprise pricing is tied to committed throughput across products, history depth, and the support / SLA tier you need. We don't publish list prices because the right number depends on the workload. Most customers land between $30K and $500K ACV; below $30K, the self-serve Pro tier or a Platform bundle is usually the better fit.
Can we get a dedicated cluster or private deployment?
Yes. Single-tenant clusters with custom rate, region, and routing requirements are available on Enterprise. We also support customer-managed VPC peering for AWS-hosted workloads and BYO-network egress controls on request.
What happens if upstream data corrects or restates a record?
Historical records can be revised when upstream sources correct or restate prior data; revisions are versioned and accompanied by methodology notes. Enterprise customers receive proactive notifications for any correction that affects records they have queried in the prior 30 days.
How do you handle audits, yours or ours?
Customers are responsible for accurate usage reporting under their license tier. On reasonable notice, we (or our upstream sources) may request usage information to verify scope; we cooperate with your auditors providing access to relevant logs, contracts, and methodology under NDA.
Can we negotiate the SLA upward?
Yes. 99.95% is the default Enterprise SLA. Higher availability targets and tighter response-time commitments are negotiable for workloads that need them, typically backed by a dedicated cluster and an explicit operational runbook.
What's the path from Pro to Enterprise?
Talk to sales. We can usually scope an Enterprise contract within 2–3 weeks for typical procurement timelines, faster if your security team is already approved. Existing Pro usage migrates with the same keys and the same canonical data; only the contract, limits, and support tier change.
Custom contract · 99.95% SLA · Dedicated AM
Let’s scope it together.
Tell us your products, your expected volume, and your security and procurement constraints. We’ll come back with a contract, timeline, and price within a few business days.