Compliance Standards

Last updated: July 8, 2025

GDPR Compliance

We adhere to the General Data Protection Regulation (GDPR) requirements:

• Data Processing Addendum (DPA) available for enterprise customers
• Data subject rights fulfillment process
• Appointment of Data Protection Officer
• Records of processing activities maintained
• Data protection impact assessments for high-risk processing

CCPA Compliance

Compliance with the California Consumer Privacy Act (CCPA):

• Process for handling consumer rights requests
• Opt-out mechanisms for data sales
• Annual privacy policy updates
• Employee training on CCPA requirements

ISO Certifications

Our security management systems are certified to international standards:

• ISO 27001: Information Security Management
• ISO 27017: Cloud Security Controls
• ISO 27018: Personal Data Protection in the Cloud
• ISO 27701: Privacy Information Management

SOC 2 Type II Compliance

Annual SOC 2 Type II audits verify our security controls:

• Security, availability, and confidentiality principles
• Independent third-party validation
• Detailed reports available under NDA
• Continuous monitoring of control effectiveness

Industry-Specific Compliance

Specialized compliance for regulated industries:

• HIPAA compliance for healthcare applications
• FERPA compliance for educational institutions
• PCI DSS compliance for payment processing
• FedRAMP compliance for government agencies

Data Residency

Options to meet data sovereignty requirements:

• Data processing in specific geographic regions
• Custom data retention policies
• Data localization for regulated industries
• Jurisdiction-specific compliance documentation