Compliance

  • ISO 27001:2022
  • SOC 2 Type II
  • ISO 42001:2023
  • GDPR
  • HIPAA
  • CSA STAR Level 1

Resources

View all

Compliance

SOC 2 Type II ISO/IEC 42001:2023 Certificate ISO/IEC 27001:2022 Certificate GDPR Certificate View 2 more

Penetration Testing

Penetration Test Status of
Findings (Feb 2026)

Questionnaires

CSA STAR CAIQv4.0.3

Privacy

SaaS Platform DPIA Data Processing Agreement (DPA)

Miscellaneous

Architecture Diagram

Controls

View all

Infrastructure Security
  • Service infrastructure maintained
  • Production data backups conducted
  • Database replication utilized
View 8 more Infrastructure Security controls

Organizational Security
  • Employee background checks performed
  • Security awareness training implemented
  • Confidentiality Agreement acknowledged by contractors
View 3 more Organizational Security controls

Internal Security Procedures
  • Continuity and disaster recovery plans tested
  • Incident response plan tested
  • Backup processes established
View 15 more Internal Security Procedures controls

AI Security & Compliance
  • AI system impact assessment
  • Determining the scope of the AI management system
  • AI objectives and planning
View 37 more AI Security & Compliance controls

Product Security
  • Vulnerability and system monitoring procedures established

Data and Privacy
  • Privacy policy established
  • Data retention procedures established
  • Privacy compliant procedures established
View 12 more Data and Privacy controls

Data collected

  • Customer personally identifiable information
  • Employee personally identifiable information
  • Credit card information
  • Personal health information

Subprocessors

View all
  • Amazon Web Services Infrastructure Hosting Core Product
    US, EU
  • Azure Infrastructure provider Cloud Services
    US, EU
  • GCP Infrastructure provider Cloud Services
    US, EU
  • Google Workspace Email & Collaboration Internal Communication & Document Collaboration
    US