Skip to content
Trust Center

Security and compliance you can verify.

We build to enterprise standards and operate with security as a first principle. Here's how we protect your data, your systems, and your customers.

Frameworks & certifications

Controls mapped and continuously monitored against the standards your buyers require.

Aligned

SOC 2 Type II

Security, Availability & Confidentiality

Aligned

ISO 27001

Information security management

Supported

HIPAA

Safeguards for PHI workloads

Supported

PCI DSS

Cardholder data environments

Aligned

GDPR

Data protection & privacy

Security practices

Defense-in-depth, applied across every engagement.

Encryption everywhere

Data encrypted in transit and at rest with managed keys and rotation.

Least-privilege access

Zero-trust IAM, scoped credentials, and just-in-time access.

Continuous monitoring

24×7 detection, anomaly alerting, and full audit logging.

Continuous compliance

Automated evidence collection and drift detection via Complexel.

Secure SDLC

DevSecOps gates, dependency scanning, and signed artifacts.

Incident response

Documented runbooks, defined SLAs, and post-incident reviews.

Vendor & subprocessor review

Risk-assessed subprocessors with DPAs and ongoing review.

Red teaming

Adversarial testing of AI and infrastructure on every release.

Subprocessors

The infrastructure and AI providers we rely on, each risk-assessed and under a DPA.

ProviderPurposeRegion
Amazon Web ServicesCloud hosting & computeUS / EU
Google CloudAI/ML infrastructureUS / EU
Microsoft AzureCloud hostingUS / EU
AnthropicLLM inferenceUS
OpenAILLM inferenceUS

Need our security package, DPA, or pen-test summary for vendor review?

Request documents