Trust & Security

Trust Center

Transparency in security, compliance, and data handling. Built for enterprise trust.

Security & Privacy

Security Overview

Enterprise-grade security with encryption at rest and in transit, regular penetration testing, and vulnerability management.

Data Protection

Data encrypted using AES-256. TLS 1.3 for all connections. Customer data isolated by tenant with cryptographic boundaries.

Audit & Monitoring

Comprehensive logging of all system access. Real-time security monitoring with automated alerting for anomalies.

Incident Response

Dedicated security incident response team. 24/7 monitoring with defined escalation procedures and customer notification protocols.

Standards & Protocols

SAML 2.0
SCIM 2.0
OpenID Connect
KMS Integration
Tamper-evident logs
Tenant isolation
Policy as Code

Compliance Roadmap

SOC 2 Type II

In Progress

Security, availability, processing integrity audit underway

Expected: Q2 2025

GDPR

Compliant

Data processing agreements available, EU data residency options

ISO 27001

Planned

Information security management system certification

Expected: Q4 2025

HIPAA

Available

Business Associate Agreement (BAA) available for healthcare customers

Sub-processors

Service ProviderPurposeLocation
Amazon Web Services (AWS)Cloud infrastructure and hostingUnited States, Europe
VercelApplication hosting and CDNUnited States

Data Location & Residency

Primary Regions

  • US East (Virginia)
  • EU West (Ireland)

Data Residency Options

Enterprise customers can request specific regional deployment. Contact us to discuss your data residency requirements.

System Status

All Systems Operational
99.9% uptime SLA
Last updated: November 20, 2025

Questions about Security?

Our security team is here to help. We're happy to discuss our practices, provide documentation, or answer specific questions.

Contact Security TeamResponsible Disclosure