Compliance & Trust

Enterprise-Grade Compliance

We maintain the highest standards of security and compliance to protect your data and meet regulatory requirements.

View Certifications Security Overview

Certifications & Standards

We maintain compliance with major security standards and regulations

Certified

SOC 2 Type II

Independent audit of security, availability, and confidentiality controls

Compliant

GDPR

Full compliance with EU General Data Protection Regulation

Compliant

CCPA

California Consumer Privacy Act compliance for US users

In Progress

ISO 27001

International standard for information security management

Available

HIPAA

Healthcare data compliance available for enterprise customers

Compliant

FERPA

Family Educational Rights and Privacy Act compliance

Our Security Practices

How we protect your data every day

Data Encryption

All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Encryption keys are managed using industry-standard key management services.

Access Control

Role-based access control with principle of least privilege. Multi-factor authentication required for all internal systems.

Data Retention

Clear data retention policies with automatic purging. Users can request data deletion at any time.

Vendor Management

All third-party vendors undergo security assessments. We maintain a limited number of sub-processors.

Incident Response

24/7 security monitoring with documented incident response procedures. Customers notified within 72 hours of any breach.

Employee Training

All employees complete annual security awareness training. Background checks required for all staff with data access.

Sub-Processors

Third-party services that process data on our behalf

Service

Purpose

Location

Amazon Web Services

Cloud Infrastructure

United States

Stripe

Payment Processing

United States

OpenAI

AI Processing

United States

Anthropic

AI Processing

United States

Vercel

Application Hosting

United States

Neon

Database Hosting

United States

Data Processing Agreement

Enterprise customers can request our standard Data Processing Agreement (DPA) for GDPR and other regulatory compliance.

Download DPA Request Custom DPA

Compliance Questions?

Our security and compliance team is available to answer your questions and provide documentation.

[email protected]

Compliance & Trust

Enterprise-Grade Compliance

We maintain the highest standards of security and compliance to protect your data and meet regulatory requirements.

View Certifications Security Overview

Certifications & Standards

We maintain compliance with major security standards and regulations

Certified

SOC 2 Type II

Independent audit of security, availability, and confidentiality controls

Compliant

GDPR

Full compliance with EU General Data Protection Regulation

Compliant

CCPA

California Consumer Privacy Act compliance for US users

In Progress

ISO 27001

International standard for information security management

Available

HIPAA

Healthcare data compliance available for enterprise customers

Compliant

FERPA

Family Educational Rights and Privacy Act compliance

Our Security Practices

How we protect your data every day

Data Encryption

All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Encryption keys are managed using industry-standard key management services.

Access Control

Role-based access control with principle of least privilege. Multi-factor authentication required for all internal systems.

Data Retention

Clear data retention policies with automatic purging. Users can request data deletion at any time.

Vendor Management

All third-party vendors undergo security assessments. We maintain a limited number of sub-processors.

Incident Response

24/7 security monitoring with documented incident response procedures. Customers notified within 72 hours of any breach.

Employee Training

All employees complete annual security awareness training. Background checks required for all staff with data access.

Sub-Processors

Third-party services that process data on our behalf

Service

Purpose

Location

Amazon Web Services

Cloud Infrastructure

United States

Stripe

Payment Processing

United States

OpenAI

AI Processing

United States

Anthropic

AI Processing

United States

Vercel

Application Hosting

United States

Neon

Database Hosting

United States

Data Processing Agreement

Enterprise customers can request our standard Data Processing Agreement (DPA) for GDPR and other regulatory compliance.

Download DPA Request Custom DPA

Compliance Questions?

Our security and compliance team is available to answer your questions and provide documentation.

[email protected]

Enterprise-Grade Compliance

Certifications & Standards

SOC 2 Type II

GDPR

CCPA

ISO 27001

HIPAA

FERPA

Our Security Practices

Data Encryption

Access Control

Data Retention

Vendor Management

Incident Response

Employee Training

Sub-Processors

Data Processing Agreement

Compliance Questions?

Offline Support

Enterprise-Grade Compliance

Certifications & Standards

SOC 2 Type II

GDPR

CCPA

ISO 27001

HIPAA

FERPA

Our Security Practices

Data Encryption

Access Control

Data Retention

Vendor Management

Incident Response

Employee Training

Sub-Processors

Data Processing Agreement

Compliance Questions?