Compliance status
Our commitments and current standing across key regulatory frameworks.
GDPR
We operate on a best-effort basis for GDPR alignment. EU regional infrastructure is available for data residency requirements. Standard contractual clauses and a Data Processing Addendum are provided to customers upon request.
Best-effortSOC 2
A SOC 2 Type II audit is currently in progress with an independent AICPA-accredited firm. We expect the final report within the current fiscal quarter. Bridge letters are available for existing enterprise agreements.
In progressHIPAA
We are not HIPAA certified and do not currently offer a BAA. Protected health information should not be processed through our platform. We will update this page if this status changes.
Not certifiedData retention
Logs are retained for a rolling 30-day window. After 30 days, log data is permanently purged from all storage tiers. Metrics and aggregated analytics may be retained in anonymized form beyond this window.
30 days