SOC 2 Type II
Controls attested across security, availability, and confidentiality themes relevant to how we operate customer environments.
Security
Security
SOC 2 Type II, ISO 27001, GDPR posture, and how we protect customer data.
SOC 2 Type II, ISO 27001, GDPR posture, and how we protect customer data.
Our security programme is designed for enterprises that must explain controls to auditors, boards, and regulators—not just check boxes. Evidence is collected continuously: access reviews, change management, vulnerability management, and incident response runbooks.
Deployment flexibility matters as much as policy PDFs. Where you need VPC isolation, private networking, or air-gapped inference paths, we architect explicitly rather than promising ‘custom everything’ without engineering ownership.
What this means in production
ISO 27001
ISMS practices underpin product delivery, vendor management, and ongoing monitoring—not a certificate sitting in a drawer.
GDPR alignment
Data processing agreements, subprocessors, and transfer mechanisms are available for EU-facing entities and multinationals.
What customers receive
Architecture diagrams, data flow narratives, logging descriptions, retention knobs, and incident notification commitments appropriate to your legal review.
What we ask in return
Clear in-scope systems, named security sponsors, and realistic timelines for pen tests and reviews—so reviews complete instead of stalling in ambiguity.
Security review checklist
- Latest SOC 2 report under NDA
- Subprocessor list
- DPA template
- Incident response summary
- Pen test sharing process
Common questions
Can we run our own pen test?
Yes, with coordination windows and scoped environments so tests do not disrupt production tenants.
Do you train on customer data?
Default product contracts exclude training on your confidential data. Specific terms are spelled in the DPA and order form.
Continue exploring
Move from evaluation to deployment
Book a working session with our engineers. We map your bottlenecks to live products and tell you plainly what will work in your environment.